r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18371
Expires: Sun, 20 Nov 2022 04:29:56 GMT
Date: Sat, 19 Nov 2022 23:23:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3659
Cache-Control: max-age=130107
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 23:23:45 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:32:12 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
att-104662.square.site/
199.34.228.40 302 Found 366 B IP 199.34.228.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 510eaf247024c14df94b2832630cc301
63adc8a287ff752d2ebce22b713116e4b809dc69
566f6dd07442dec7b30e3a22562cc0a9c8297bf6e763e88484da725a81f26488
Analyzer Verdict Alert
openphish AT&T Inc.
phishtank Other
fortinet Phishing
GET / HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 19 Nov 2022 23:23:45 GMT
Location: https://att-104662.square.site
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkdHc2Z2MDRBYzNuR2hjdjNkSnRyalE9PSIsInZhbHVlIjoiK1drNFpXZDBDWlo2Mmp0bGtNUFRLY2ptYTE1M1dMcU1tRERwVnlJc0VyOG96SUJQQWhRdzdJblA4elBVR0ZXcDZBSVlieURQR1dkNHNOYWx4a0FXQVwvaGFzQjNibVVcL0dxMmVQcFg4cDVGN3BBRU9JN3RzNnpJVmhmZURKTGc0cSIsIm1hYyI6ImUzNTk5MzIxZDdhODk3ZWQ2NzRkOTY2MDg5ODQ2NGEzOWUwZTY5ZDM5YjNmMThiYTViZDI1YTU0YjQ3MDM2YjAifQ%3D%3D; expires=Sat, 03-Dec-2022 23:23:45 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6InVteko3OGdZZnN4MkdEU0xKQWNTVlE9PSIsInZhbHVlIjoiT09zdjBseDVMc2g3TEtiMWxlR3oxR0N6cHlVVVFvd0pTZmlOMUNLR2RSM2Zib295SW1yYld6N3Ewc1ZCSDlXY3NhNUlPQmltYzJzd0RSdTZMbVBZWUd4bWc4cHEyNnVFNkE4NnlHVzJpQlpyc2xjQjlqYmFxNDNmcVM4eHVWVVYiLCJtYWMiOiIxOWViZTI1NTg4NTBlZTdhODU3OGE3ODJmYzA5MTMxNTlhZTU5NGZlNTU4MjA4YTY3ZmRiY2IyMzA2ZGNmMzdhIn0%3D; expires=Sat, 03-Dec-2022 23:23:45 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6ImR6R1wvK3B3MGFIVFRPWWpKb2pEMW5BPT0iLCJ2YWx1ZSI6IjJnczI0clJhMXZQWkhZQjFlRWlieE4wM1dhbmJ1VFhCeFBHVGRobUE4MjJCNW9zWDNvSGFobVFyV3JMTEZ0M2dNSnkyUnJoRFZoQ2NFS0grbXh2QitkTmhDRTlrUnBjSVlIVHhEXC9wbFJTM2ROdUt6Ylwvbndzdm81Smw4cjQ2M3IiLCJtYWMiOiJiODA2MTA4OThlZGYwNTJmZWQyNjEzNTZiNzcyZWFjNDI2N2E5NWY3NmEyMjU0NDhjNjE5NGUzYjgzZTI5YWU5In0%3D; expires=Sat, 03-Dec-2022 23:23:45 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu68.sf2p.intern.weebly.net
X-Revision: 07e15dd8e8b20167834891d59a8feb86a10a247d
X-Request-ID: 7412935cab9d2b293d848f3f6e183921
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 22:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2327
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5541
Expires: Sun, 20 Nov 2022 00:56:06 GMT
Date: Sat, 19 Nov 2022 23:23:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AE0hULi9dY9FcU0dsGwg7IDxhdk9eV+TcVckBGxwNgxLp2bmguNOslBZygTyUY+oQQRZ8TArmbg=
x-amz-request-id: GBBS7GAHG88KMZDY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 22:41:28 GMT
age: 2537
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 23:23:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 22:44:49 GMT
cache-control: public,max-age=3600
age: 2336
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash ee1572180d97a9f405fbc51f279aad87
e0f7ca874ef6221d4dfbae9c157120a9269fb933
b435e04a207c34309a49d66d32fe2d816fd0d1fad1d17b734d3b2efc61ef4601
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B435E04A207C34309A49D66D32FE2D816FD0D1FAD1D17B734D3B2EFC61EF4601"
Last-Modified: Sat, 19 Nov 2022 22:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3557
Expires: Sun, 20 Nov 2022 00:23:02 GMT
Date: Sat, 19 Nov 2022 23:23:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5369
Cache-Control: max-age=126755
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 23:23:46 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:36:21 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.6.128 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
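Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of the 101 response; they do not identify any content.)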
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RrwUUu/+Wo1ssoH+J7Zj+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g9ucaZwgcozQNB7t+Yi1jze7nug=
att-104662.square.site/
199.34.228.39 200 OK 9.2 kB IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20942)
Hash 0349dc1af2049d155d8a5625bfb83140
604b959fde7b623cb120532c01fdbbf604c9db19
0bb6422a69b82f4ea117a7906c7ec8da8774a817971af18d97a936e11e376805
Analyzer Verdict Alert
openphish AT&T Inc.
phishtank Other
fortinet Phishing
GET / HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 19 Nov 2022 23:23:46 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; expires=Sat, 03-Dec-2022 23:23:46 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0%3D; expires=Sat, 03-Dec-2022 23:23:46 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; expires=Sat, 03-Dec-2022 23:23:46 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu137.sf2p.intern.weebly.net
X-Revision: 07e15dd8e8b20167834891d59a8feb86a10a247d
X-Request-ID: dbf757402623f2e2015eddba686a7ee7
Content-Encoding: gzip
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46 200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 64414abb58e4acfdd0b6e55daa9d9489195edb4b
x-request-id: 463ecf92fd5e50a7617749451e59789e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 434383
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1668900227.588723,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46 200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 424965
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1668900227.606941,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash 4d92764cec19ef27fff515829355cfb1
bbabee997dddbb23647de8367b15c4473cf31ba2
2cc381a459c0271b15f88cf11eae865ea5feea7aed4c32bf1cbe87125e1c5692
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 23:23:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "047D7DB13AE5B3342080B6E551D389636CE2E52A"
Expires: Sun, 20 Nov 2022 10:00:00 GMT
Last-Modified: Sat, 19 Nov 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1289
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ccb21068d4b4ed-OSL
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46 200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 869842
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1668900227.606998,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.47bdfe4fa940063b20b7.js
151.101.85.46 200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.47bdfe4fa940063b20b7.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (51043)
Hash df45f547be4f1917d661159bd780b8a5
b72a2564baf8f11d9ff7eefd2babedd83ecd9476
b3f396de1a07206948262637f6086647412a37b4551d121b503aef74b458ee68
GET /app/website/js/runtime.47bdfe4fa940063b20b7.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Nov 2022 20:03:26 GMT
x-rgw-object-type: Normal
etag: W/"f88383e6db60c7e26da5fe080a5f3fd7"
x-amz-request-id: tx0000000000000353d6eba-006377e573-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.47bdfe4fa940063b20b7.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 497a086f426059c53b790be78088f7d2162c0d2a
x-request-id: 200f9864ade9afec5489647bd9be4635
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 98301
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1668900227.606977,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25006
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46 200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 1457096
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1668900227.607094,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
151.101.85.46 200 OK 151 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151425 bytes)
Hash 614f055b0efefbf483b909e5dd20bd4b
2721e7fe99f743ec65a6782d0778e3a23cb17b5c
f602fdff3225656b0f2b2c829c952f284590b4fa25de447146a9208335a849ea
GET /app/website/js/languages/en.d69f032602a9a8656bf8.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Nov 2022 23:25:35 GMT
x-rgw-object-type: Normal
etag: W/"88da55c6ac5b86a27462f8794b300ba2"
x-amz-request-id: tx0000000000000278488a3-0063644e55-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.d69f032602a9a8656bf8.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5b106465564fd8cfdc25e96fbccd2ff9dcb7a0ec
x-request-id: d06a245b8fc77a19a7522567339564c9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 1381974
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668900227.607062,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151425
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.02917f3fa3eb04bd35d3dcd8bc00afd4.js
151.101.85.46 200 OK 3.6 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.02917f3fa3eb04bd35d3dcd8bc00afd4.js
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (16751), with no line terminators
Hash b7b4cb8b39d6d19f4d67f1073b0460c3
9210579c998fb9e9f264a717133f3a5378bddfaf
ca86271e640ad8977faea6c1413f9e83622a7ea77811d2ad7f7b92bbad2fc4d6
GET /app/checkout/assets/checkout/imports.en.02917f3fa3eb04bd35d3dcd8bc00afd4.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://att-104662.square.site/
Origin: https://att-104662.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Nov 2022 22:37:45 GMT
x-rgw-object-type: Normal
etag: W/"02917f3fa3eb04bd35d3dcd8bc00afd4"
x-amz-request-id: tx00000000000003555a4f4-0063780a1b-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.02917f3fa3eb04bd35d3dcd8bc00afd4.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 88870
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1668900227.863803,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3552
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/85063.4a5f4f2ef1f45319a533.js
151.101.85.46 200 OK 4.2 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/85063.4a5f4f2ef1f45319a533.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (5600)
Hash ad7cd9fbaebde8f5a14c3018fcb70e75
9c45169fefc18dbd36f9f61579741699a05b7ea2
8b9b81ba8f5245f221774d13b347297ddc32171f7fac1c2f1b1cb7e75f607bc8
GET /app/website/js/85063.4a5f4f2ef1f45319a533.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:12 GMT
x-rgw-object-type: Normal
etag: W/"1233b4be6686cd7f8fc25566a2da46f8"
x-amz-request-id: tx00000000000002ce4da13-00636c1aa4-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/85063.4a5f4f2ef1f45319a533.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: a80e6919be55cb6d5160dc63fd6f209d3a8ccad7
x-request-id: c16b37732d8fcb81fc4ff89ac1d91648
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:47 GMT
via: 1.1 varnish
age: 871127
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 221
x-timer: S1668900227.297663,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4206
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/49709.7ac0bc41dca5d5f042cb.js
151.101.85.46 200 OK 4.9 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/49709.7ac0bc41dca5d5f042cb.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (5899)
Hash 62f49c0180c53efbea827ed1ce0a8b1a
1b55417884f0b5c40da414b56b4c3d1dd65c1e9f
50ba498fe505ea18cff8862e5f4624c2b4baafd4e3177a27639e958d56ee27d7
GET /app/website/js/49709.7ac0bc41dca5d5f042cb.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 19:52:55 GMT
x-rgw-object-type: Normal
etag: W/"91eeefb3ee374b6c0a75ca0939e5f588"
x-amz-request-id: tx00000000000002dc0bc63-00636c056f-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/49709.7ac0bc41dca5d5f042cb.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 37c657a6c52703f3b77167c4636391f878524013
x-request-id: 4f472e2a0896e6afcd48de979fcfef14
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:47 GMT
via: 1.1 varnish
age: 876510
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1668900227.300769,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4896
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/88857.6f8b9c8dde377d406145.js
151.101.85.46 200 OK 3.5 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/88857.6f8b9c8dde377d406145.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (4211)
Hash 43385965dfa668d82a3f01c5f846a4b2
c12071982b90b1e8e0e5e455e2ad7d33d933f4b0
5202431be6badb463edaf83761e6727d3c98023bdf667847ffbad7a7123d92d3
GET /app/website/js/88857.6f8b9c8dde377d406145.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 19:52:56 GMT
x-rgw-object-type: Normal
etag: W/"eaa527bc6e865c8ec8556d88a6c7d74b"
x-amz-request-id: tx00000000000002e1009a0-00636c0571-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/88857.6f8b9c8dde377d406145.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 9c7bcfe2ef2e4b83933d0afe101b3d428a6ee7aa
x-request-id: aa595aeec8c0cd41999a32be5e87ee16
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:47 GMT
via: 1.1 varnish
age: 876509
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1668900227.301849,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3474
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/home-page.cacc001bb12b4afd12a1.css
151.101.85.46 200 OK 389 B URL HTTP/2 cdn3.editmysite.com/app/website/css/home-page.cacc001bb12b4afd12a1.css
IP 151.101.85.46:0
File type ASCII text, with very long lines (847), with no line terminators
Hash fe1c187550e5ecb1b1250e7b34b82b00
5a5449d35c048742e443ee702b1a8fc98a571206
406c3d6a5bb8ba446bc59bef496edffe98ebf6a57a0ed69d0cdf89f69e0503d1
GET /app/website/css/home-page.cacc001bb12b4afd12a1.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:10 GMT
x-rgw-object-type: Normal
etag: W/"c0ef9bfb0aadb830db99deb8847af42c"
x-amz-request-id: tx00000000000002de3b56d-00636c1aa9-c699baa-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 64414abb58e4acfdd0b6e55daa9d9489195edb4b
x-request-id: 3ed442cdc39e7eb1fa8c2ea59f076174
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:47 GMT
via: 1.1 varnish
age: 434457
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1668900227.301996,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 389
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/home-page.e95991f3e0fa8effc638.js
151.101.85.46 200 OK 7.5 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/home-page.e95991f3e0fa8effc638.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (24482)
Hash fa242141d7fdf69250d1a7bcabedadcd
4c712ac2ea1d65ec9c8f4483231e70ddaa12c359
d8ef0f3596563f81053f882aa0383cb61c01f1a356fea5e0414cadd4d93a27e7
GET /app/website/js/home-page.e95991f3e0fa8effc638.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 19:52:57 GMT
x-rgw-object-type: Normal
etag: W/"d1c1e444a923b562669f4519889e976d"
x-amz-request-id: tx00000000000002dc0ca7f-00636c057e-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/home-page.e95991f3e0fa8effc638.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 9c7bcfe2ef2e4b83933d0afe101b3d428a6ee7aa
x-request-id: 5db269f502de3971546e1e64dd65cdeb
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:47 GMT
via: 1.1 varnish
age: 876509
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1668900227.302752,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7481
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 802fe2cdcd2344471f8d3f7bc85ef97b
63e489ffa5f997f174d4f95eb979bd0fed911cc6
da1761d0a54a6faaaa4953c1c9b27fd162c7c46dea1eec9a9e78ddd15fcd5771
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158170
Date: Sat, 19 Nov 2022 23:23:47 GMT
Etag: "637915a1-1d7"
Expires: Mon, 21 Nov 2022 19:19:57 GMT
Last-Modified: Sat, 19 Nov 2022 17:42:57 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fNMxqYNmg1rFT3UgiF3WjdHB5l1NO1KDQa7z1zIYu7vT50fCFPzKhg==
Age: 5820
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 802fe2cdcd2344471f8d3f7bc85ef97b
63e489ffa5f997f174d4f95eb979bd0fed911cc6
da1761d0a54a6faaaa4953c1c9b27fd162c7c46dea1eec9a9e78ddd15fcd5771
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 19 Nov 2022 23:23:47 GMT
Last-Modified: Sat, 19 Nov 2022 22:24:05 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f5z6quRxOAmvGcOPIpUuNoF9sRR4xmZ_unMMj4lDAmo-_724T6UhmQ==
Age: 3582
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://att-104662.square.site/
Origin: https://att-104662.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 23:23:47 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://att-104662.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2301
Expires: Sun, 20 Nov 2022 00:02:08 GMT
Date: Sat, 19 Nov 2022 23:23:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2301
Expires: Sun, 20 Nov 2022 00:02:08 GMT
Date: Sat, 19 Nov 2022 23:23:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2301
Expires: Sun, 20 Nov 2022 00:02:08 GMT
Date: Sat, 19 Nov 2022 23:23:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4454f87c40e9b7c5de9853c1ec6f0671
119aac07a88e7c358bf353335f3a81039ca9943b
e909f823611609282c643c58ccc7b267dcfc09970e58b66742dc8baf7cda5bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5699
x-amzn-requestid: ea538aed-2b5a-4940-b49f-b4703a556956
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i6KHnQoAMFu3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b74-2f756f9a27ddc4b001cdaff2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:36 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w4JqPNmzHlUl4EMM2osU4Z5dtroFWOB0DL5ylePs6XBbIdxpsPItnQ==
via: 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "119aac07a88e7c358bf353335f3a81039ca9943b"
content-type: image/jpeg
age: 6123
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F655b8993-0bce-4e6f-91dc-bf1be7821320.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F655b8993-0bce-4e6f-91dc-bf1be7821320.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab1011435c84b1d143e3daccdc3cf271
b82d5e707f1a4538531a43acc89ca6f9aef854a3
0ef1ed157670d2d6bce29f1205a0478f48b404e0ef7a4e430dec932f6bec14da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F655b8993-0bce-4e6f-91dc-bf1be7821320.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11861
x-amzn-requestid: 2915027b-f1ea-4f75-89c3-6a5bbd69ad31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jXDH_loAMFgeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c2c-3f0acb680850e4de2225b6fd;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nkE_EIP6MzoADA7hH_3BF82XOs1LXhWoPWH2buOnoKVLhl_ybr_zdQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:20:59 GMT
age: 3768
etag: "b82d5e707f1a4538531a43acc89ca6f9aef854a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l3euSue3hLTcBU1OSLRCDuBDeXXM2mAIz0LhADeJV-30r-dW_TFV0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:48:38 GMT
age: 5709
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 623ee888c7c89b3b1fbc7454032403e9
6c237808a186c2ac0d7084fb386b0862d188dabb
a7e8212bb8c2c738a61f1f7ecf730ee09e751334f3cdb5ed447913b69561f5b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: c80806cc-6125-4e82-971e-1c93d7bb5ce9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3izgHavoAMFicA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b49-51a4c2ba1d646c1c7633d99a;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bsukMDSn70wVNA0iIBkOUGae0uTFHvOowG90XsuEqTUVoYg8IReLzQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:07:40 GMT
age: 4567
etag: "6c237808a186c2ac0d7084fb386b0862d188dabb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25aa851caa96376b563f0322e8621292
71a917b184ec9ad1bb370724f4e4c707468e865e
7ffbeca58e1a4cc8f26f1a832376ae97d17c973efef9a1f4bebb44536da5ae1c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4292
x-amzn-requestid: 5b50eebe-81f9-43fa-b259-eb9be43ff3be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0SH1uoAMFdUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4e-7322c4461f94c93c29542312;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pcLZxnbI_hWCZstg2gZwNR3-v6d4Y1szI-Kg_RMXsgneiIRXBZHWkA==
via: 1.1 3c22982dfb94f708939a6ef528c5e55c.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:19:52 GMT
etag: "71a917b184ec9ad1bb370724f4e4c707468e865e"
content-type: image/jpeg
age: 3835
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8f1dddf91a53f8f28d70565d1a3458b
9d026c2c53629648cfda4a324eadae6e33de0d55
c352216d126382d7b588ff6e5a3ed6ab12d92dc5e58216cc5883c27bf612a7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7968
x-amzn-requestid: 0dc9cfbf-7e72-45a7-9496-49a5cf1a4465
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEwboAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-1f40770e29ad853b31a3aa23;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UM4MVSwb8F1uv2jbbdeh8bhV3KJNhqiN9wJj1Yua8h4x762uD8UKyQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
age: 6123
etag: "9d026c2c53629648cfda4a324eadae6e33de0d55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.39 200 OK 894 B URL HTTP/1.1 att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash de54321278067191f73779fe3f2468de
51d52e67a088301b9b248eb3fae2d5c8ce6ffd49
9f82a8aac9f9857f942f3df64d69fb22571edf783220b7a0a2d7ef4352ec221a
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0=
Content-Length: 78
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900227.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 23:23:47 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn144.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15 200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://att-104662.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://att-104662.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 23:23:47 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://att-104662.square.site
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1988
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 23:23:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Sun, 19 Nov 2023 23:23:47 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://att-104662.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
att-104662.square.site/app/website/cms/api/v1/users/143908978/customers/coordinates
199.34.228.39 200 OK 70 B URL HTTP/1.1 att-104662.square.site/app/website/cms/api/v1/users/143908978/customers/coordinates
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /app/website/cms/api/v1/users/143908978/customers/coordinates HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0=
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900227.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 19 Nov 2022 23:23:48 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6ImpuNHp0N291UUMwUXhwRHZTXC9wVHZ3PT0iLCJ2YWx1ZSI6InYrXC9qRGkyYXRkcXYzaHhCa1o1OXUxMENHOElSS3BJRWJoYTdGT1UxaWhRVFpMeFhDZ2NJNU53d3pJVFMzVjJmVFF4V3Vmb3pKN25PWWRoZzJtdnZjdTdNdXNxK0NNWnk4NnFkVHZYdU9sTWkrU0NlMGJXSmJCMFZmNHBnNE5GRyIsIm1hYyI6IjlkZmJjMmJlMzAwYmFhMmJiY2MxMzg3Yzc3YzNlNjA2ZGZhNDE5ODU5YjdiZDMxZDYxMTQ5ZjQxY2U2OWQxZWMifQ%3D%3D; expires=Sat, 03-Dec-2022 23:23:48 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ%3D%3D; expires=Sat, 03-Dec-2022 23:23:48 GMT; Max-Age=1209600; path=/
X-Host: grn41.sf2p.intern.weebly.net
X-Revision: 07e15dd8e8b20167834891d59a8feb86a10a247d
X-Request-ID: 147c18919b7d6d944f57851169e20b78
Content-Encoding: gzip
att-104662.square.site/uploads/b/9483ad20-67a4-11ed-9ac0-ddf81ef2e21a/icon_180x180_ios_NDE0Mj.png?width=180
199.34.228.39 200 OK 618 B URL HTTP/1.1 att-104662.square.site/uploads/b/9483ad20-67a4-11ed-9ac0-ddf81ef2e21a/icon_180x180_ios_NDE0Mj.png?width=180
IP 199.34.228.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0fca3821cc22806c4ee4200e628027ca
023880c98e67f02331f67945b30d687eb07d526a
53d23bd4d67eb877f60c6444be7d2db8b7c0d894b1fdfd714c3463f85686c333
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /uploads/b/9483ad20-67a4-11ed-9ac0-ddf81ef2e21a/icon_180x180_ios_NDE0Mj.png?width=180 HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900227.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 23:23:48 GMT
Content-Type: image/webp
Content-Length: 618
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "/2nJruhejxnNWPbRmWrgXtk/BKN/yIhTCz91GMNChpk"
Fastly-Io-Info: ifsz=1204 idim=180x180 ifmt=png ofsz=618 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000342d867f-0063783638-c6aed46-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: ze59f
X-Storage-Object: e59f093f99316f01afa70e44634fa696e85a1edddbbd233126ea5883ed0f3c54
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10070-SJC, cache-pao17474-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1668900228.057192,VS0,VE34
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu70.sf2p.intern.weebly.net
att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.39 200 OK 201 B URL HTTP/1.1 att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0=
Content-Length: 83
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900227.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 23:23:48 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu78.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
att-104662.square.site/square.ico
199.34.228.39 200 OK 6.5 kB URL HTTP/1.1 att-104662.square.site/square.ico
IP 199.34.228.39:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /square.ico HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6IlF3cGk0WFNjUnVDVDROaFFRRFBIR2c9PSIsInZhbHVlIjoiR1VWM0pZek5mUlpMZWI1azU3S2JmdnlDSTd2Mythdlp3N01MMlBlYktmdmt5cHcxb0dDOXJTZlJVZmQrZlRmc1NqRG9VdEljSkEwVHpuazlGbzNjZ3pqWDhvSzlINnVWbUNCeHkxam93T1QxK2Z3dW9TWTN4eG83enVlVjJwOEIiLCJtYWMiOiI5ZjFlYTFlZWNlMzNlNzM5MTg1MGRiMzYwMzUzOThiNDM5ODk0ODRkYmM1YTBhMzc5NThkZWVjNThhMGY4MDI5In0%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900227.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 23:23:48 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001af9993-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn41.sf2p.intern.weebly.net
X-Revision: 07e15dd8e8b20167834891d59a8feb86a10a247d
X-Request-ID: 0a7adb864a6f4fe1d60228735ab784c8
cdn5.editmysite.com/app/store/api/v23/editor/users/143908978/sites/751742417772565611/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.85.46 200 OK 1.3 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/143908978/sites/751742417772565611/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (3718), with no line terminators
Hash b6e035ae08d98a8019c55da9056d956c
23c8f72c5730b6d978bcc075956815397bb04bcb
64c6ebdf99c3339cc0ac9d51a16b42da9f73d94cdf8fd17bb5a0c02a890312f5
GET /app/store/api/v23/editor/users/143908978/sites/751742417772565611/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"89efa9b82d4ae8d36c4c031a861545bf"
access-control-allow-methods: GET, HEAD
fullcache: h
x-revision: 8835f2a91b9ac3a2580155ae2c07023514c61667
x-request-id: 2a0ff02b34fadf6a09122811272ec48d
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:48 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1652-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668900228.163323,VS0,VE190
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1332
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46 200 OK 5.3 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11059)
Hash 21327be56a0983e9d8f07bbfbe8c8e3b
8924962591f26478862458419a13ee99a0ce12e8
b76acd27b9827bda0c0a84cae0f200cfd56c740a73b7dc4cc4ed51766e3b6117
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 00:31:12 GMT
etag: "636af4d0-124fe"
expires: Thu, 24 Nov 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn91.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
age: 830704
x-served-by: cache-sjc10061-SJC, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 9073
x-timer: S1668900227.612755,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/static/fonts/Inter/inter-v12-latin-regular.woff2
151.101.85.46 200 OK 17 kB URL HTTP/2 cdn3.editmysite.com/app/website/static/fonts/Inter/inter-v12-latin-regular.woff2
IP 151.101.85.46:0
File type Web Open Font Format (Version 2), TrueType, length 16708, version 1.0\012- data
Hash 68c477c4c76baab3a8d1ef6a55aa986f
4af50379e13514558dd53d123db8ea101ec5e24c
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
GET /app/website/static/fonts/Inter/inter-v12-latin-regular.woff2 HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/woff2
last-modified: Fri, 26 Aug 2022 21:17:05 GMT
x-rgw-object-type: Normal
etag: "68c477c4c76baab3a8d1ef6a55aa986f"
x-amz-request-id: tx00000000000002043f368-006357651e-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 94858a412c06fa6ad25d1f91ea0049567a504098
x-request-id: 8bec8cb1ddb8458f18eedb023c38b852
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:48 GMT
via: 1.1 varnish
age: 2228326
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668900229.616583,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16708
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2428
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 23:23:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Sun, 19 Nov 2023 23:23:48 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://att-104662.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8d98fb94eece995e65a1ae984fd5500e
6dbd0958fd6b86cf04c1611e41021ac6ac179cf3
4b6aafb496a72f6f8ddf80366486e0ef24b956b8e3cf9352ec37503266be8584
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 23:23:48 GMT
Last-Modified: Sat, 19 Nov 2022 21:47:23 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
35.82.13.103 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 35.82.13.103:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1886
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 23:23:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Sun, 19 Nov 2023 23:23:48 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://att-104662.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.39 200 OK 182 B URL HTTP/1.1 att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ==
Content-Length: 89
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ%3D%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900229.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306; websitespring-xsrf=eyJpdiI6ImpuNHp0N291UUMwUXhwRHZTXC9wVHZ3PT0iLCJ2YWx1ZSI6InYrXC9qRGkyYXRkcXYzaHhCa1o1OXUxMENHOElSS3BJRWJoYTdGT1UxaWhRVFpMeFhDZ2NJNU53d3pJVFMzVjJmVFF4V3Vmb3pKN25PWWRoZzJtdnZjdTdNdXNxK0NNWnk4NnFkVHZYdU9sTWkrU0NlMGJXSmJCMFZmNHBnNE5GRyIsIm1hYyI6IjlkZmJjMmJlMzAwYmFhMmJiY2MxMzg3Yzc3YzNlNjA2ZGZhNDE5ODU5YjdiZDMxZDYxMTQ5ZjQxY2U2OWQxZWMifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 23:23:48 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu123.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
att-104662.square.site/uploads/b/ca902f9ec9428f15449e07810d8f2b78fdadd66049ba63dd5a70e4cf09b1b1d1/CURRENTLY_1668819372.png?width=400
199.34.228.39 200 OK 5.1 kB URL HTTP/1.1 att-104662.square.site/uploads/b/ca902f9ec9428f15449e07810d8f2b78fdadd66049ba63dd5a70e4cf09b1b1d1/CURRENTLY_1668819372.png?width=400
IP 199.34.228.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 515659da3ba10f691eb84b94235a8c63
14a6bf8ad725f9a89aba6ec9e145d95042b70fb7
7ed443255c00aa370d31226d919fe612d9ffc8a0e01daa9a52e4aae58e23f6c4
GET /uploads/b/ca902f9ec9428f15449e07810d8f2b78fdadd66049ba63dd5a70e4cf09b1b1d1/CURRENTLY_1668819372.png?width=400 HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ%3D%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900229.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306; websitespring-xsrf=eyJpdiI6ImpuNHp0N291UUMwUXhwRHZTXC9wVHZ3PT0iLCJ2YWx1ZSI6InYrXC9qRGkyYXRkcXYzaHhCa1o1OXUxMENHOElSS3BJRWJoYTdGT1UxaWhRVFpMeFhDZ2NJNU53d3pJVFMzVjJmVFF4V3Vmb3pKN25PWWRoZzJtdnZjdTdNdXNxK0NNWnk4NnFkVHZYdU9sTWkrU0NlMGJXSmJCMFZmNHBnNE5GRyIsIm1hYyI6IjlkZmJjMmJlMzAwYmFhMmJiY2MxMzg3Yzc3YzNlNjA2ZGZhNDE5ODU5YjdiZDMxZDYxMTQ5ZjQxY2U2OWQxZWMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 23:23:48 GMT
Content-Type: image/webp
Content-Length: 5148
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "cwYdM3OH7gCtXLBAptLHUgJ9uZomOj/7109MRR/xNkw"
Fastly-Io-Info: ifsz=6045 idim=391x129 ifmt=png ofsz=5148 odim=391x129 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=10236 cr=1.17
X-Amz-Request-Id: tx00000000000002d1f5949-00636af196-c669cc6-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z0298
X-Storage-Object: 0298f72012c38397647c5517ac80177761fdfda418bdf65c100fb45fe3b278d1
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 1297
X-Served-By: cache-sjc10027-SJC, cache-pao17450-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 2
X-Timer: S1668900229.931579,VS0,VE0
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn57.sf2p.intern.weebly.net
att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.39 200 OK 79 B URL HTTP/1.1 att-104662.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ==
Content-Length: 77
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ%3D%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900229.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306; websitespring-xsrf=eyJpdiI6ImpuNHp0N291UUMwUXhwRHZTXC9wVHZ3PT0iLCJ2YWx1ZSI6InYrXC9qRGkyYXRkcXYzaHhCa1o1OXUxMENHOElSS3BJRWJoYTdGT1UxaWhRVFpMeFhDZ2NJNU53d3pJVFMzVjJmVFF4V3Vmb3pKN25PWWRoZzJtdnZjdTdNdXNxK0NNWnk4NnFkVHZYdU9sTWkrU0NlMGJXSmJCMFZmNHBnNE5GRyIsIm1hYyI6IjlkZmJjMmJlMzAwYmFhMmJiY2MxMzg3Yzc3YzNlNjA2ZGZhNDE5ODU5YjdiZDMxZDYxMTQ5ZjQxY2U2OWQxZWMifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 23:23:48 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu28.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-07e15dd&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bc44ec8f-6347-4930-bacc-57b276a5b7ca&batch_time=1668900228603
3.233.153.117 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-07e15dd&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bc44ec8f-6347-4930-bacc-57b276a5b7ca&batch_time=1668900228603
IP 3.233.153.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 669a446400cf72bf02bb268e5bbc7710
cdcd6a20ea681a1cfbf5a72e4a1a60d044731c09
afcb4d6efd8ae93245333c654901ba81b93f3a50ca83598381d40f88096ab9b2
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-07e15dd&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bc44ec8f-6347-4930-bacc-57b276a5b7ca&batch_time=1668900228603 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15798
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 19 Nov 2022 23:23:49 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-07e15dd&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=6db48da1-668f-4cbe-b8d2-e8e1a9785ea1&batch_time=1668900228682
3.233.153.117 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-07e15dd&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=6db48da1-668f-4cbe-b8d2-e8e1a9785ea1&batch_time=1668900228682
IP 3.233.153.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6e335ce66946e037875380afe33df2ac
ac2f6a26ea67ac8a0b712b7698e69fa4e5eae95e
e138ebfc90690b249a982a620c0314987585ffb957427e465b57479c83de6d1b
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-07e15dd&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=6db48da1-668f-4cbe-b8d2-e8e1a9785ea1&batch_time=1668900228682 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16115
Origin: https://att-104662.square.site
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 19 Nov 2022 23:23:49 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
att-104662.square.site/app/website/square.ico
199.34.228.39 200 OK 6.5 kB URL HTTP/1.1 att-104662.square.site/app/website/square.ico
IP 199.34.228.39:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /app/website/square.ico HTTP/1.1
Host: att-104662.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IjNmYmQ2SWJVTGM5T0lRdGhFakdTUEE9PSIsInZhbHVlIjoiME92YWlDV0RQdVFOUnhVRk5vc25NTEs5N01HWXZYUm9mWGhuN0hzY2J5N1JtSGlYUE16d0doQVp1K0F5VG54N3hDZ2RJZmp6NzUwXC9zK2xaeVVWVlRNcjhoTE5lYVwvVUx5bm9cL1JDdXZxQ3F3WTFGQWFQTW9vSTM3a25VbzVMcWkiLCJtYWMiOiJhYWUyNDU0NjU5NDg4ZjM0ZTVjMjY1NTU0NjdjNzc4Y2YwMjNhOTk5MjYwMjIzN2I4MmRhNmZjZTk5ZmQ1ODRiIn0%3D; XSRF-TOKEN=eyJpdiI6Img0TVF4b2U0RVhqNktCWjlcL1VscHpBPT0iLCJ2YWx1ZSI6Ik9ZOUdBbUdcL1lPOUhHc1R1ZkpcL3lFNjRucnlqMFZyTVV5SGxReDc1bEFhN292aVp3ckRyNTE0WjhDbEIzR1doMTlISDFaczZaNE0rOW9wU3dzN2JwTTkrUDY2RFVNdmZ4RDA4UFNDem1qZlJwOEc5S1h4VGNYVVhZb2tcL1oxXC91QyIsIm1hYyI6IjVkMDFkYjk1OGE3ZGY1Y2NkYWIxZTU0ODQ4ZDY4OWNlZjQ3YzMxMjE4OTBiM2FmMzk5YmVkZDQ1OTY4NzBmNDcifQ%3D%3D; PublishedSiteSession=eyJpdiI6InlKN1wvS1Y2Sk95NmtRT2haWnI2NmhRPT0iLCJ2YWx1ZSI6Im8yZnlyYUgzaDV1cnhENnpmYVwvd0VrOHR4M01rYlhMQzFEV3BnNUVoeGJcL21nbm1JY0lcL05WTVN0emNieUR6MERhTFwvZDNJUDBRVTh1NGhjNTczMkFFWEVTdThzb1UybURtVlRSUTVKMU1pNVZHellpU21NN2h1ZldJU2p3blUzZiIsIm1hYyI6IjZhZWZlYTMzOWY4YzUzMDY1ZjkwOWE4MDM4NzZlYjU1OGM0NmIzZTgxOGRiOWI1YmZkZjU1MDhjNGE5YTIwNzMifQ%3D%3D; _snow_ses.169c=*; _snow_id.169c=ab763076-6eb8-4612-ada3-5844ca14c55b.1668900227.1.1668900229.1668900227.a643f6ab-a388-424e-b3ff-d19fd42d7e8e; _dd_s=rum=1&id=b5c101ba-c080-4099-ab6a-a6b349388421&created=1668900227306&expire=1668901127306; websitespring-xsrf=eyJpdiI6ImpuNHp0N291UUMwUXhwRHZTXC9wVHZ3PT0iLCJ2YWx1ZSI6InYrXC9qRGkyYXRkcXYzaHhCa1o1OXUxMENHOElSS3BJRWJoYTdGT1UxaWhRVFpMeFhDZ2NJNU53d3pJVFMzVjJmVFF4V3Vmb3pKN25PWWRoZzJtdnZjdTdNdXNxK0NNWnk4NnFkVHZYdU9sTWkrU0NlMGJXSmJCMFZmNHBnNE5GRyIsIm1hYyI6IjlkZmJjMmJlMzAwYmFhMmJiY2MxMzg3Yzc3YzNlNjA2ZGZhNDE5ODU5YjdiZDMxZDYxMTQ5ZjQxY2U2OWQxZWMifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 23:23:49 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001af9993-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu145.sf2p.intern.weebly.net
X-Revision: 07e15dd8e8b20167834891d59a8feb86a10a247d
X-Request-ID: a411de739b047ddebda86c00804408b0
cdn3.editmysite.com/app/website/js/site.53a3239e35bab4c6b674.js
151.101.85.46 200 OK 0 B URL HTTP/2 cdn3.editmysite.com/app/website/js/site.53a3239e35bab4c6b674.js
IP 151.101.85.46:0
GET /app/website/js/site.53a3239e35bab4c6b674.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-104662.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Nov 2022 20:03:26 GMT
x-rgw-object-type: Normal
etag: W/"c3d4182aaa6da84dd8171e9541a01a98"
x-amz-request-id: tx000000000000035049e2c-006377e571-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.53a3239e35bab4c6b674.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 497a086f426059c53b790be78088f7d2162c0d2a
x-request-id: 980e1898fc2986af28aa61b3c2cbbde6
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 19 Nov 2022 23:23:46 GMT
via: 1.1 varnish
age: 98301
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668900227.607030,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 623288
X-Firefox-Spdy: h2