r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5886
Expires: Thu, 23 Feb 2023 01:23:49 GMT
Date: Wed, 22 Feb 2023 23:45:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6800
Expires: Thu, 23 Feb 2023 01:39:03 GMT
Date: Wed, 22 Feb 2023 23:45:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 23:38:16 GMT
content-type: application/json
age: 447
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
polishedchaosbrows.ca/
199.34.228.164 302 Found 362 B IP 199.34.228.164:0
File type HTML document text, exported SGML document, ASCII text
Hash 0138bc57aa46e2b80b98443e588eb88f
e75032fc7f1073f3c47ee502bc55b33d7648379e
d9f21578becd76dd15593322d1dd9603aa9f7638de13a2f6d266b250ecf7a58d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Wed, 22 Feb 2023 23:45:43 GMT
Location: https://polishedchaosbrows.ca
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkIwckQ4ZnRwTmpCVnNuZXNCaWlyMXc9PSIsInZhbHVlIjoiUnZNSjNPSkFXYkVMaE9NS1lYSUF1ZFp5YjgwUlBObG82NnZwQzU4ekMyNUpYenltckNxVHI3Q3pYZkhyL1VNcGM1NEZaTUVETFlqYXZ3VDJqWVNyUmpuN2RxNDZJKzF4d1BtRzFyYXp0QWhPK1ltZjRzM3N1S1NQcFRCUTd5Q0UiLCJtYWMiOiI2NGFkYWE3YjVmYjJhZmMyNDBjMTkyMGZhZDMxODBiOTVlMGY1ZGRjYzQyZjRkNGY3ZDI3ZTFkYzllOTBiMjNlIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:43 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IlBjYzhnSkZTcVpQRXp6cHF0WWszcXc9PSIsInZhbHVlIjoicTY4blZaSVhLVnBEOHdUY0NISjdoZk9NaXVMSGtpVTdkYytyYy8xd1dMNE03UzRpSG1GRFdjMExBdEN6VGRwaUdVTnloK2tHRE5Sa0lPRGIrRExtdmVIUHV0VTA5djFUenJacVNzbjFsY0c1NEVqYzl2cDh4S3JnVk5DN1NzWkEiLCJtYWMiOiI5ZjEzYjViODZhNGY2YzdmZDYxZTdjODMxMjY1ODQ4OTY0YWE1ODNhNzc0ZjIwMmRiNGE4NjA3YWJhZmY0Y2I4IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:43 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6Ijh4ZFhtelBOQUVjUlNEczZTTGx5bGc9PSIsInZhbHVlIjoiZHZZdnU3cFBQcTNUMHJzUmR6UjRaSkxTRmgrS0V4Y1FLK2RYRjFmemErSTlsTkFUVVpaWVNsMlRYRDRtYlluMy9sa2ZmQ3BsNlZoQi8rYnREYXZqcVhqVHZybm9LMVExemtCT0tZbHc1WDl5elZjMko3RXhvV1JvczV3VnVjRlUiLCJtYWMiOiJhNTdjYmQ5ZmJlM2QxZmUwYzQzOWYyNzI3OWE1ZDY3OTIwZjI2NGUwYzdmYjE4NTc0Nzk3N2Y0NjJmZjgzY2Y0IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:43 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn50.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: c1ab98aa2c97e0491db9a41356290712
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3322
Expires: Thu, 23 Feb 2023 00:41:05 GMT
Date: Wed, 22 Feb 2023 23:45:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RYGzT55pYaftTQVERwIPmLZmfnp1wexoUepbsDBS36cGRunZSQS+oViWTyFvNspDKOisaMCezHY=
x-amz-request-id: QWS8BHQ7KBJ91X56
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 22:49:01 GMT
age: 3402
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 23:45:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 22:51:26 GMT
age: 3257
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b8ed3b0205db691198f0fd85b518cdd3
d76a2657d140e7128d9db0eedcd88125dea1111b
abf887130fc1d298a2dbb7533a1f18d1d228eee7e52e560ce040862b17c66c5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABF887130FC1D298A2DBB7533A1F18D1D228EEE7E52E560CE040862B17C66C5A"
Last-Modified: Mon, 20 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Thu, 23 Feb 2023 05:45:12 GMT
Date: Wed, 22 Feb 2023 23:45:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Thu, 23 Feb 2023 03:56:29 GMT
Date: Wed, 22 Feb 2023 23:45:43 GMT
Connection: keep-alive
polishedchaosbrows.ca/
199.34.228.164 301 Moved Permanently 378 B IP 199.34.228.164:0
File type HTML document text, exported SGML document, ASCII text
Hash 244c6cf34c5e734a88e7a95518ea48dc
a57dbf302f139a4f44f1a16fa1583880ca0c9e36
917cbce8d5543d73428a3ab8c70ea80b21ef636577e9aae5c4aec1c0b2091fca
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 22 Feb 2023 23:45:44 GMT
Location: https://www.polishedchaosbrows.ca
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjRwY25xTk5VSzhGYnFQc1ZMb1U0M0E9PSIsInZhbHVlIjoiODUvbHhMQ3RoTDlrd2dWMmo5WkR3bzFIMFY1L0JWWWRqVSt2THZMWHBzZkxZM28zdmhncjJXT2I0Z1Jqd2E0ejNZWVB6c1dLMnVER01UcHRzYUJxandPVEVqazdVT3ppUmJBYzNJWGFXUzA3T2pkTHNXUERSNEdidXVEeDNtTjUiLCJtYWMiOiIxZDAwYzY4ZDcyZDRkM2FhMjBjYjdhNjY1NjJhOTZjOTc2NDkzYThhYzgyNGMzNTQ3NjM2ZWQxYmUwMzk2M2NlIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:44 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IllBOGF0enN3NlhYRUF3OW9ZOFBEREE9PSIsInZhbHVlIjoiSmkxcGRISzFRbWhBVUo1clIvUTVrWDhFN2FWbDJ1eWNtNFYrd1NNTE16T2hWZGJ5bUlMSTNkR0RDbG5PbTZVSjU5T1kyUUxNSENoVXFWYVdQRGJ1RFFlRUttaWNpMVc0TWRldjhDdEJkUUYrcFZIZUxXSURGbHdWRytaMVEzSGoiLCJtYWMiOiI4Yjg3MDNlYzYwYzk0ZmZlOWFhYmVhZTU5MTZiMTE4ZTQ4ZGVlYTdhZGMwM2MwNmFjMDViYjA2NmU2ZDRhZTQzIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:44 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6IkhRZndCbXI0aE9relFnUklZNGFDWHc9PSIsInZhbHVlIjoiTjV1NHVVK2twUGQ2ZDdoRFdUc3M0L090cU9mNWxNK3BSemF6ZGFLSDdtR1ZLcWt5WXJBSEoyT3c4eUJQa054MXUyYklPZmxHRFNYYTlJYWRYTVdiakpwS2tzRVI1bXozcjlXcms5dHowLzBOT0ZOUTBsL0ZacHd5elRHUGdERW0iLCJtYWMiOiJkZjBmZjBkZjU1NDQ2N2Y3NzJhNzBiM2RjM2NjMWJlNjNmYzM0ZjYzN2JmNTBlMTk4YzQ5NmViNjRlMzhlNDRlIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:44 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: blu41.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: c9797827c7e5e1dbc3207f941f4a34ab
push.services.mozilla.com/
52.43.61.95 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7kQJTzN4UDVThlhQYV7KBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uufCgv3s2fuEU6GskR7MEFVKxPU=
www.polishedchaosbrows.ca/
199.34.228.164 200 OK 14 kB URL HTTP/1.1 www.polishedchaosbrows.ca/
IP 199.34.228.164:0
File type HTML document text, exported SGML document, ASCII text, with very long lines (25798)
Hash 969f55d6251cb3c2b1ef8b5b7068fbf4
8b9aca1042e0339ceb7892388529e311d5aaf93c
d08665784d1866b7ab209615310eb91ebc7ea6a0fc95c0fcb69028119ed96d4b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 22 Feb 2023 23:45:35 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6InVFTk5YZ2d1SGNvYm5NUFhyS3JyUFE9PSIsInZhbHVlIjoiaHJRSE10MlZLOUo2cFloZHVnTXJxY1ZIcFNUbGhBd2Y1TmdmYVZKbTAvU2w2Z0o4eHV5c01KZkprVkg0WTgxakhkWDlKakFQd0FJWnFucTdRWmZMS25ScEQ0YzRoZ1JoN1Bia05kczk5SW1kU1g3WnpYdHQxUkdRQXN4d3RTbjYiLCJtYWMiOiIwNWMyMTJlZGE1OTc5NTdkMWEzZTZhMGE3YzA3NWE0YjUzZjE4NWMwZWY3MTM1N2E2ZTU4YzMzNTE3OTc4OTE1IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:44 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IkFGYkR6a3VncjRkN2xYZGZtclBDb1E9PSIsInZhbHVlIjoiMitGRllqeENLVWxFM0E3ZHZVR0Q5NmJFUzlKckJUcjdqRVZwek16N1VpeEJBWVpXWXVGcXUzb0hnTWRLQXZjTnRPMmxmcXBkT3JzYUhSenR6a2hLdzNaY3p1dWJ5Wk8wdEtRL1JzdFZpQ1h6U0dja29Hbk9aWVVyTXlPb2dsVjUiLCJtYWMiOiIxN2RhNWRhNDRjOWEzMDNlNjM1OWU5YTJmY2U3MzViYzkzZmM1NzcwYmU4NWRhYzdhMWM0MDkxY2FkOGRhYzVkIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:44 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6InZIckwycmRXWmFXT3haNHlkWU1COGc9PSIsInZhbHVlIjoiWU8zZ1FVSnBEN3FOTG9YNEZDYVB2YlY4Rk1lWDdsVFZ0T1hCWW5jbnNLN0xMdHRsT09PbjFOUVdycFBKSUJWRi9zMFRYMEk1S1pjYmJkRzk5SWJXK0ZXd3NJSzNXMzFqQVliMmZYWWlYcm5zUU8zQVE2b0lWNXhnRHNKN1pjclciLCJtYWMiOiI3OTNjMDE0ZGE4NDY1YmRmYWJiZWZlMWU2OTJjNTlhYjIyOWRhNzA5MDI2MDhlYjQ2YzFmNzAwMzJkZWExYmJlIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:44 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: blu129.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 8264a060b6729223a1794899f657ba8d
Content-Encoding: gzip
cdn3.editmysite.com/app/website/css/site.1a13d635bc078faa06c6.css
151.101.1.46 200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1a13d635bc078faa06c6.css
IP 151.101.1.46:0
File type Unicode text, UTF-8 text, with very long lines (64921), with no line terminators
Hash 6e9bb545f98ae625a1ed1d5920c9649d
d6d9908afba930acd821f3cfe25559aef57f71be
0af045347ad86ba62c889beb46b625749b39f9dee88646340c456d8e300bc4a2
GET /app/website/css/site.1a13d635bc078faa06c6.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Thu, 16 Feb 2023 19:06:28 GMT
x-rgw-object-type: Normal
etag: W/"4ff62d11df136146748fdb7b889e33c2"
x-amz-request-id: tx0000000000000779ce665-0063ee7f2b-c695612-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5e35ecc0808b083435dc80f6605971acb8f23163
x-request-id: fd11348359baca2847786d49227d6cde
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 535003
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1677109545.144486,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24166
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.9b795003be52a4baff72.css
151.101.1.46 200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.9b795003be52a4baff72.css
IP 151.101.1.46:0
File type Unicode text, UTF-8 text, with very long lines (64117), with no line terminators
Hash b0ac8ad9dc2b9ae0996e994df0c9281c
654ebcc9b625df47c27d67be8701ab57437a146d
a103936b5dcd7f454b26adce41aeb2dfaa375cf267d9650207ce9b162b1d9353
GET /app/checkout/assets/checkout/css/wcko.9b795003be52a4baff72.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Tue, 21 Feb 2023 19:32:43 GMT
x-rgw-object-type: Normal
etag: W/"d48528e4f3ccbb9f110212d402420886"
x-amz-request-id: tx000000000000079bb6857-0063f51ce2-c6aed46-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 101407
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1677109545.145728,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24391
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.1.46 200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 172651
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1677109545.147368,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.65.46 200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.65.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 14 Feb 2023 22:04:43 GMT
etag: "63ec057b-124fe"
expires: Thu, 02 Mar 2023 08:38:42 GMT
cache-control: max-age=1209600
x-host: blu21.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
age: 572823
x-served-by: cache-sjc10061-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 6331
x-timer: S1677109545.148250,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.1431e1c949ca00e965db.js
151.101.1.46 200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.1431e1c949ca00e965db.js
IP 151.101.1.46:0
File type Unicode text, UTF-8 text, with very long lines (27419)
Hash 0f10666d349a24e9999b11fb78fd86a6
b7d73f4ef75eed5152ee95eb115e08f5b9878b63
52569fb005506c817492739f264121019313466d92212ff4f9bf5344045b77bc
GET /app/website/js/vue-modules.1431e1c949ca00e965db.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 Feb 2023 23:17:39 GMT
x-rgw-object-type: Normal
etag: W/"9743e5ed0761affdba7bd7baa981aa9d"
x-amz-request-id: tx000000000000075034c3d-0063eac578-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.1431e1c949ca00e965db.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 07acb0419b5c980c9ae485ccd4b6465bac65bfd6
x-request-id: 243d79d20a8b24063ca3ace54c6b0102
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 764376
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1677109545.149052,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72170
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.d6b17ee67e532463ad6b.js
151.101.1.46 200 OK 26 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.d6b17ee67e532463ad6b.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (52045)
Hash 840d61ac9a8f91f73f28b5beb34480c2
d2f908a98ced3b505499c68226b80f47f8040701
4e087638b565d468ce803da682596c40c197fdb15d94c8529cf9f7a03c43ef50
GET /app/website/js/runtime.d6b17ee67e532463ad6b.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 22 Feb 2023 23:32:11 GMT
x-rgw-object-type: Normal
etag: W/"a5dbf4f0b9c050ea883ba12c9533e992"
x-amz-request-id: tx00000000000007bb822d1-0063f6a68a-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.d6b17ee67e532463ad6b.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: ad524d41b789951db95b31467c753b2cc6d2959e
x-request-id: ed7cd5202038485254d3c258372c9f1d
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 663
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1677109545.149432,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25594
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.bdf87e98e16bdc705616.js
151.101.1.46 200 OK 643 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/site.bdf87e98e16bdc705616.js
IP 151.101.1.46:0
File type ASCII text, with very long lines (51377)
Size 643 kB (642562 bytes)
Hash 2f5a04cc8b900eaa8c81ae92d57f7f91
f655addd9f3854b7a780729ef26e9773acd02c07
8f1ad9c4ea870c99b3c1a150faa291fcfedf47031eb9cd1787ed0389c73c7d66
GET /app/website/js/site.bdf87e98e16bdc705616.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 22 Feb 2023 16:57:37 GMT
x-rgw-object-type: Normal
etag: W/"4dd609a5143f73e9f49fc374e6aa8e8a"
x-amz-request-id: tx00000000000007b722938-0063f649e9-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.bdf87e98e16bdc705616.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 705682b38c18a701e4fbf434af8010487e0cd5f2
x-request-id: f775df128dfbb9d90a1f1464312455c0
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 24362
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1677109545.149970,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 642562
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ed9822f04652bac306f3223c3d67643b.js
151.101.1.46 200 OK 3.6 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ed9822f04652bac306f3223c3d67643b.js
IP 151.101.1.46:0
File type JSON data, ASCII text, with very long lines (16859), with no line terminators
Hash a7c8c965f606005182128040f3422356
0040156d082376becbf0171eba84ff1ea8da8438
354284493d94526ce26eeaaa9d6f67feea775867814403c2c5e9ae08cf7d8c45
GET /app/checkout/assets/checkout/imports.en.ed9822f04652bac306f3223c3d67643b.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.polishedchaosbrows.ca/
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 22 Feb 2023 23:17:17 GMT
x-rgw-object-type: Normal
etag: W/"ed9822f04652bac306f3223c3d67643b"
x-amz-request-id: tx00000000000007c30d60f-0063f6a305-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.ed9822f04652bac306f3223c3d67643b.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 1530
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1677109545.241536,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3587
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
151.101.194.133 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 151.101.194.133:0
Hash 53fdbac6fae169ee832ed65592e20ca5
d71c97150f87a6ac2ca8cf8cd54ab8fa24cfd5b7
611f3ad05921fba170bac8db376df7320176b7c895e1172e734b789f877e97c0
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "930DA5989BB9E5F7DEEB6B01D28356105507D2B2"
Expires: Thu, 23 Feb 2023 11:00:00 UTC
Last-Modified: Wed, 22 Feb 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Wed, 22 Feb 2023 23:45:45 GMT
Via: 1.1 varnish
Age: 320
X-Served-By: cache-bma1661-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1677109545.322466,VS0,VE1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
151.101.194.133 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 151.101.194.133:0
Hash 53fdbac6fae169ee832ed65592e20ca5
d71c97150f87a6ac2ca8cf8cd54ab8fa24cfd5b7
611f3ad05921fba170bac8db376df7320176b7c895e1172e734b789f877e97c0
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "930DA5989BB9E5F7DEEB6B01D28356105507D2B2"
Expires: Thu, 23 Feb 2023 11:00:00 UTC
Last-Modified: Wed, 22 Feb 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Wed, 22 Feb 2023 23:45:45 GMT
Via: 1.1 varnish
Age: 320
X-Served-By: cache-bma1672-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1677109545.322393,VS0,VE1
www.polishedchaosbrows.ca/static/icons/circle.svg
199.34.228.164 200 OK 105 B URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/circle.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text
Hash ec3f9709c7371aa4ab61e51dc4d03266
75bfd238d39ce6b1b2dea49a72145b8cbead95bd
cdbfab0188f4be61e0c17aac289f70864c6dd52f59a063172e3506dfc3c68644
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/circle.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6InVFTk5YZ2d1SGNvYm5NUFhyS3JyUFE9PSIsInZhbHVlIjoiaHJRSE10MlZLOUo2cFloZHVnTXJxY1ZIcFNUbGhBd2Y1TmdmYVZKbTAvU2w2Z0o4eHV5c01KZkprVkg0WTgxakhkWDlKakFQd0FJWnFucTdRWmZMS25ScEQ0YzRoZ1JoN1Bia05kczk5SW1kU1g3WnpYdHQxUkdRQXN4d3RTbjYiLCJtYWMiOiIwNWMyMTJlZGE1OTc5NTdkMWEzZTZhMGE3YzA3NWE0YjUzZjE4NWMwZWY3MTM1N2E2ZTU4YzMzNTE3OTc4OTE1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IkFGYkR6a3VncjRkN2xYZGZtclBDb1E9PSIsInZhbHVlIjoiMitGRllqeENLVWxFM0E3ZHZVR0Q5NmJFUzlKckJUcjdqRVZwek16N1VpeEJBWVpXWXVGcXUzb0hnTWRLQXZjTnRPMmxmcXBkT3JzYUhSenR6a2hLdzNaY3p1dWJ5Wk8wdEtRL1JzdFZpQ1h6U0dja29Hbk9aWVVyTXlPb2dsVjUiLCJtYWMiOiIxN2RhNWRhNDRjOWEzMDNlNjM1OWU5YTJmY2U3MzViYzkzZmM1NzcwYmU4NWRhYzdhMWM0MDkxY2FkOGRhYzVkIiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6InZIckwycmRXWmFXT3haNHlkWU1COGc9PSIsInZhbHVlIjoiWU8zZ1FVSnBEN3FOTG9YNEZDYVB2YlY4Rk1lWDdsVFZ0T1hCWW5jbnNLN0xMdHRsT09PbjFOUVdycFBKSUJWRi9zMFRYMEk1S1pjYmJkRzk5SWJXK0ZXd3NJSzNXMzFqQVliMmZYWWlYcm5zUU8zQVE2b0lWNXhnRHNKN1pjclciLCJtYWMiOiI3OTNjMDE0ZGE4NDY1YmRmYWJiZWZlMWU2OTJjNTlhYjIyOWRhNzA5MDI2MDhlYjQ2YzFmNzAwMzJkZWExYmJlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:45 GMT
Content-Type: image/svg+xml
Content-Length: 105
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 16:48:48 GMT
x-rgw-object-type: Normal
ETag: "ec3f9709c7371aa4ab61e51dc4d03266"
x-amz-request-id: tx00000000000006b71eb14-0063d946d1-c669cc6-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu83.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 6668a3bfaf155a3c91c165e013adf875
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11028
Expires: Thu, 23 Feb 2023 02:49:33 GMT
Date: Wed, 22 Feb 2023 23:45:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F967a89d3-06f9-41e5-a96b-891977904a13.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F967a89d3-06f9-41e5-a96b-891977904a13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 0ebdd178addc400d9915852e569ca5bb
895ca9bea38c5d8a63249ba4d69141fad9b36d36
c3f7aadd4f33a54e2e079a3d11ecad137577ca034675e2346f764dbc7fae1ba7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F967a89d3-06f9-41e5-a96b-891977904a13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5881
x-amzn-requestid: 915df5b2-fdcb-4fdf-ae99-8e040be5e483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkyGtG_JIAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1ca2a-4f85545b7c1064c97b49fbfa;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 07:05:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RNMdrXQHsF64Twl3S5zZ5xR0xEiKdamZ1Mud_rWS5tOzSyJqiKXtlQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 16:38:46 GMT
age: 25619
etag: "895ca9bea38c5d8a63249ba4d69141fad9b36d36"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaed7132-17d0-4617-b3f8-f713aec9243a.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaed7132-17d0-4617-b3f8-f713aec9243a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 25600c45164795c721b8cc679e1c00b2
1b5a850ab8518b01cd1c37d22abd0a835bfc7cc8
39e57a7d1101cff67274a0bcdbb20faed021c38679f833613a7165804fa11d86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaed7132-17d0-4617-b3f8-f713aec9243a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5786
x-amzn-requestid: ea349af3-40dd-41e1-97fe-a809f6d5eee5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AuruGHcJoAMF6Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5bff3-19724f456dc7624217b24550;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:10:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USRXxr5x55UUBScc_mpikrEIIBB2xN0Z72vZzUAyxRuNUwYUqrqvXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 07:33:19 GMT
age: 58346
etag: "1b5a850ab8518b01cd1c37d22abd0a835bfc7cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 9a6c075bf39141bbc7826d6969cf2ac8
8a3f71fea281d57261814a858c94fd11f083b9fe
dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 02:20:13 GMT
age: 77132
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0752d2b-baa6-43fe-9853-c2658724f5b7.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0752d2b-baa6-43fe-9853-c2658724f5b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 92d2c80b251bb51747853df99da38ca1
ad95ca2ec077179e3f9e7663a5121cf712828036
1dd23526abe0cd324f4e53ff13e1de599d8c54938c773cd856be7a1cecf5b954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0752d2b-baa6-43fe-9853-c2658724f5b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9586
x-amzn-requestid: 96df496a-e183-46f2-8c4c-5d3fa4bb6458
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqS9EKDoAMFt6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a79-2a16a6546a261fea3682a4b2;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -G7CVDFZWQF8EZWghmCaae7zzYlFNiwcnkyDGSSqshdx_eWzeziZSQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:55:57 GMT
age: 6588
etag: "ad95ca2ec077179e3f9e7663a5121cf712828036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash df07040a4f8a9dcdd6a4d8b9f9d35b93
229f7cb923d6ef0dac480883d0af0673437c5c04
46de73176cce2258bd66ca8888dfa9f49f654aecdcd132434137df06091bac85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11631
x-amzn-requestid: 80f4f0f1-d97b-42ca-870d-55db701dae20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSyG2IoAMFz-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a77-0f4faa41169ffb1231b6dc50;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n5Pduh39Ln8uRqq8EUH-zsZ2XGk2xCXAuPeo6ivJM2s8-ubR5TzMiQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:56:07 GMT
age: 6578
etag: "229f7cb923d6ef0dac480883d0af0673437c5c04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash f89fe2187067877f5d5808f1d50ec7cb
200aa55e7c88cbc90d9e4c62eb5ccbf1c14a0a6b
bb9819d00d58efbe26c0216e39ef78c0f25ad47e8ccbe9c5b169de9a324b0910
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdafc403d-ba8c-45cc-ba07-47b9b8673685.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6046
x-amzn-requestid: 2be82087-190d-4769-a112-34acec2c5d77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AkyHCEc-oAMFRoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f1ca2c-1921dab22ab9d3d762474b9e;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 07:05:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vHIE13LN8sAqSE0R7hYwmRHgWTHKSOGHsFfvwjYDBo3CfhpHnQfhWg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 18:49:36 GMT
age: 17769
etag: "200aa55e7c88cbc90d9e4c62eb5ccbf1c14a0a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.polishedchaosbrows.ca/app/cms/api/v1/sites/15db6d80-9296-11eb-8817-df454acb2a83/facebook/pixel-events
199.34.228.164 200 OK 40 B URL HTTP/1.1 www.polishedchaosbrows.ca/app/cms/api/v1/sites/15db6d80-9296-11eb-8817-df454acb2a83/facebook/pixel-events
IP 199.34.228.164:0
File type ASCII text, with no line terminators
Hash 239e01460781ffd1703487f7deb65135
ee6b1ab6be9c0c38c2c2aa153374e6c2c10b6f6a
33d0ae84d4ac0bf2a65110eb76816acb49a79f6f309a1196975bdc26fdf7155c
Analyzer Verdict Alert fortinet Phishing
POST /app/cms/api/v1/sites/15db6d80-9296-11eb-8817-df454acb2a83/facebook/pixel-events HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.polishedchaosbrows.ca/
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6InVFTk5YZ2d1SGNvYm5NUFhyS3JyUFE9PSIsInZhbHVlIjoiaHJRSE10MlZLOUo2cFloZHVnTXJxY1ZIcFNUbGhBd2Y1TmdmYVZKbTAvU2w2Z0o4eHV5c01KZkprVkg0WTgxakhkWDlKakFQd0FJWnFucTdRWmZMS25ScEQ0YzRoZ1JoN1Bia05kczk5SW1kU1g3WnpYdHQxUkdRQXN4d3RTbjYiLCJtYWMiOiIwNWMyMTJlZGE1OTc5NTdkMWEzZTZhMGE3YzA3NWE0YjUzZjE4NWMwZWY3MTM1N2E2ZTU4YzMzNTE3OTc4OTE1IiwidGFnIjoiIn0=
Origin: https://www.polishedchaosbrows.ca
Content-Length: 99
Connection: keep-alive
Cookie: publishedsite-xsrf=eyJpdiI6InVFTk5YZ2d1SGNvYm5NUFhyS3JyUFE9PSIsInZhbHVlIjoiaHJRSE10MlZLOUo2cFloZHVnTXJxY1ZIcFNUbGhBd2Y1TmdmYVZKbTAvU2w2Z0o4eHV5c01KZkprVkg0WTgxakhkWDlKakFQd0FJWnFucTdRWmZMS25ScEQ0YzRoZ1JoN1Bia05kczk5SW1kU1g3WnpYdHQxUkdRQXN4d3RTbjYiLCJtYWMiOiIwNWMyMTJlZGE1OTc5NTdkMWEzZTZhMGE3YzA3NWE0YjUzZjE4NWMwZWY3MTM1N2E2ZTU4YzMzNTE3OTc4OTE1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IkFGYkR6a3VncjRkN2xYZGZtclBDb1E9PSIsInZhbHVlIjoiMitGRllqeENLVWxFM0E3ZHZVR0Q5NmJFUzlKckJUcjdqRVZwek16N1VpeEJBWVpXWXVGcXUzb0hnTWRLQXZjTnRPMmxmcXBkT3JzYUhSenR6a2hLdzNaY3p1dWJ5Wk8wdEtRL1JzdFZpQ1h6U0dja29Hbk9aWVVyTXlPb2dsVjUiLCJtYWMiOiIxN2RhNWRhNDRjOWEzMDNlNjM1OWU5YTJmY2U3MzViYzkzZmM1NzcwYmU4NWRhYzdhMWM0MDkxY2FkOGRhYzVkIiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6InZIckwycmRXWmFXT3haNHlkWU1COGc9PSIsInZhbHVlIjoiWU8zZ1FVSnBEN3FOTG9YNEZDYVB2YlY4Rk1lWDdsVFZ0T1hCWW5jbnNLN0xMdHRsT09PbjFOUVdycFBKSUJWRi9zMFRYMEk1S1pjYmJkRzk5SWJXK0ZXd3NJSzNXMzFqQVliMmZYWWlYcm5zUU8zQVE2b0lWNXhnRHNKN1pjclciLCJtYWMiOiI3OTNjMDE0ZGE4NDY1YmRmYWJiZWZlMWU2OTJjNTlhYjIyOWRhNzA5MDI2MDhlYjQ2YzFmNzAwMzJkZWExYmJlIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109546.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 22 Feb 2023 23:45:45 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:45 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IkQxaGhlWW9nRStFalZwelBuWFJWVUE9PSIsInZhbHVlIjoicit5VjlJU055dkR0RmRreWNRdVBac2ZscHJvNlNmWGZsZi92aHcyMG5YRGZZRmVjOVNDdFdSSzRTZVl3NWg2WnlRRDVKTFdUL0dibFAvL1lpY3J2MjdYQ1NTbjBZdkxwUkFzZ0VabVI1aWlOVG9HZis0Y3NjaXZSS3hsQU1Wb2siLCJtYWMiOiI2M2EwYjhkM2MyMTY5ODhmODI0NDI4NzZmYjI0MGVjNDZlNGQwNmIwMWM0OTkwNmViYzVhNGVmZDQzZTc2ZDg2IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:45 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:45 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: grn64.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 12027d6a73b0c748491801e4751a9823
Content-Encoding: gzip
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash bfbc7304d349ed3d2d850da70b1b703c
9714557c222ad8e8dc3ce7c3662f2764eea0b792
29271c21e0818ea6e6ec7562bdb3b339ec8c27ee003bd9b185cf2fd2e1be6167
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115897
Date: Wed, 22 Feb 2023 23:45:45 GMT
Etag: "63f5b276-1d7"
Expires: Fri, 24 Feb 2023 07:57:22 GMT
Last-Modified: Wed, 22 Feb 2023 06:13:10 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SHjOCyC5wAJWpzH2FnSK3udRVH9hXuIoELFIdOqW832QZXutbt4STg==
Age: 6252
cdn3.editmysite.com/app/website/js/languages/en.74e990139302cd3a1d8b.js
151.101.1.46 200 OK 471 B URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.74e990139302cd3a1d8b.js
IP 151.101.1.46:0
Hash bfbc7304d349ed3d2d850da70b1b703c
9714557c222ad8e8dc3ce7c3662f2764eea0b792
29271c21e0818ea6e6ec7562bdb3b339ec8c27ee003bd9b185cf2fd2e1be6167
GET /app/website/js/languages/en.74e990139302cd3a1d8b.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 22 Feb 2023 16:57:37 GMT
x-rgw-object-type: Normal
etag: W/"46f4dedc95fb7868fffa6f1c78f88c88"
x-amz-request-id: tx00000000000007b793c8d-0063f649e9-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.74e990139302cd3a1d8b.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 705682b38c18a701e4fbf434af8010487e0cd5f2
x-request-id: ddcd782a8c3bd160c6c804c4e07b0b10
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:45 GMT
via: 1.1 varnish
age: 24362
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1677109545.150997,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 154007
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.188.178.80 200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.188.178.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.polishedchaosbrows.ca/
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Feb 2023 23:45:45 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.polishedchaosbrows.ca
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.polishedchaosbrows.ca/static/icons/payment-methods/applepay.svg
199.34.228.164 200 OK 3.0 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/applepay.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (2381)
Hash c9f0fd2c3c94b10595455b840e220672
7734e007c6a4dd650d38be5b29c7335cf9cbfb97
a1aedf64c61a6c121aa0e78164ad0d32f1ebbfd949197c88c7f48462bcbed3ab
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/applepay.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IkQxaGhlWW9nRStFalZwelBuWFJWVUE9PSIsInZhbHVlIjoicit5VjlJU055dkR0RmRreWNRdVBac2ZscHJvNlNmWGZsZi92aHcyMG5YRGZZRmVjOVNDdFdSSzRTZVl3NWg2WnlRRDVKTFdUL0dibFAvL1lpY3J2MjdYQ1NTbjBZdkxwUkFzZ0VabVI1aWlOVG9HZis0Y3NjaXZSS3hsQU1Wb2siLCJtYWMiOiI2M2EwYjhkM2MyMTY5ODhmODI0NDI4NzZmYjI0MGVjNDZlNGQwNmIwMWM0OTkwNmViYzVhNGVmZDQzZTc2ZDg2IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109546.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073; _dd_s=rum=1&id=4902ce7f-d474-4c23-8c5f-1cca77543fab&created=1677109546313&expire=1677110446313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 2986
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "c9f0fd2c3c94b10595455b840e220672"
x-amz-request-id: tx000000000000001a5c248-00628473f6-b9fbc77-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu74.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 683d8f93412fed1967bc03fb5ed7575e
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.188.178.80 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.188.178.80:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1944
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Feb 2023 23:45:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=726e0faf-92a8-4b33-b606-e5479c286f6f; Expires=Thu, 22 Feb 2024 23:45:46 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.polishedchaosbrows.ca
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15 200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data, ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.polishedchaosbrows.ca/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.polishedchaosbrows.ca
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://www.polishedchaosbrows.ca
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
www.polishedchaosbrows.ca/app/website/cms/api/v1/users/136967202/customers/coordinates
199.34.228.164 200 OK 70 B URL HTTP/1.1 www.polishedchaosbrows.ca/app/website/cms/api/v1/users/136967202/customers/coordinates
IP 199.34.228.164:0
File type JSON data, ASCII text, with no line terminators
Hash 0202fec5c18173b1ccef517d7a8fb076
ed3c42952ab998b5f8f4570735caccb08bbbfbba
a496539bedf56d084f7654fb244367daf638da6ab09f7812b81c743baa995e26
Analyzer Verdict Alert fortinet Phishing
GET /app/website/cms/api/v1/users/136967202/customers/coordinates HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 22 Feb 2023 23:45:46 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6ImJXcC9vaU05QXNIUWtQc3lScVYramc9PSIsInZhbHVlIjoiSVVMZGRjUERyNlc4OW9TVFoyY0o3Z1llbFZxc09jRWdHKzZCZmZWRUVDSFUyejlTZkd1L1F6VXhScUxMMWl4ZjdkRi9lTWNpandsWVBaZ1dYa2JsVEZGS2NoWnVIV0dZK2VBUVU0bEprUzRidkRuS0xHNUpwWnczNVl0ZHZOV1AiLCJtYWMiOiI0ZDczODc0MTg2ZWZhYzI3YWQ3ZTZiOTQ1MzYwNWE3Njc5NGU4ZWRkNWM0ZWVjMzI4MzVkMGM1YTRjOGQyOGI5IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:46 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:46 GMT; Max-Age=1209600; path=/; samesite=lax
X-Host: blu136.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 97180f6ac514699841adb101feac3fc3
Content-Encoding: gzip
www.polishedchaosbrows.ca/static/icons/payment-methods/americanexpress.svg
199.34.228.164 200 OK 1.2 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/americanexpress.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (955)
Hash 2d510915ad1e47e7f6fa0a9ca6dfe7d2
a94981dcae88d70869bce16df350fbc0fbc0c138
52c75baa1c05af510c5017a200f40094bba37a6ccbb2fe5ce2542f331b812204
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/americanexpress.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2d510915ad1e47e7f6fa0a9ca6dfe7d2"
x-amz-request-id: tx000000000000001ae675d-00628473fd-b9fbc63-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu74.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: b9da51f476039a7dfb17ac8f59bcafe7
www.polishedchaosbrows.ca/static/icons/payment-methods/googlepay.svg
199.34.228.164 200 OK 3.1 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/googlepay.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (1581)
Hash 2e6b26f9d61dd22468981356313ca58c
df83a373e46337f409c59947b4ae5f9abe1d896a
85d63842ff30824d4324316344c9eea12995869cc3f5f353fbfa2c3008980222
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/googlepay.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 3115
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2e6b26f9d61dd22468981356313ca58c"
x-amz-request-id: tx000000000000001ac6a2f-00628473f9-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu45.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 8f9f8f90088ac5f46f2842f4a763d131
www.polishedchaosbrows.ca/static/icons/payment-methods/discover.svg
199.34.228.164 200 OK 3.1 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/discover.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (2151)
Hash 9e274d45e1f0b4185bb742d876cee3f5
67405429005f54a1cfb1a27e27491d89814f9ede
a9e66fbb3fb33098304147be606afc2b8e8c8f745db8a83bb6b2d7a0a9a42abc
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/discover.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 3087
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "9e274d45e1f0b4185bb742d876cee3f5"
x-amz-request-id: tx000000000000001ac6a0f-00628473f9-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn144.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 597adaacef89d065fb95d7b6ef573d30
www.polishedchaosbrows.ca/static/icons/payment-methods/mastercard.svg
199.34.228.164 200 OK 1.7 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/mastercard.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (424)
Hash 1448577966d9c16095880130e876db7a
ecfaef0be795af04cab2f95d7457721a35cf1742
0b6808d0e93f753a1036f42b52c1a2616662d1503f8d07234a98ee54d7a3dd1e
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/mastercard.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 1657
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "1448577966d9c16095880130e876db7a"
x-amz-request-id: tx000000000000001a887f3-00628473fd-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn41.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: a2bd5e189577ec8bc2000ef51d31de36
www.polishedchaosbrows.ca/static/icons/payment-methods/visa.svg
199.34.228.164 200 OK 2.2 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/visa.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (1610)
Hash 98e2d557ac9311fbf6c47dcb9cb2c730
e58712545669ba118a42f2e47fcaaabd095cdc6c
0647e086fe11b0748687b68e25c9d2830b8fa08c4397c6c7c6e327d5e8e6c43d
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/visa.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 2247
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 21:25:04 GMT
x-rgw-object-type: Normal
ETag: "98e2d557ac9311fbf6c47dcb9cb2c730"
x-amz-request-id: tx000000000000033debbab-00631274b1-c033918-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu136.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 3a98dfebb777d759c5a6fc74fc41be2e
www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.164 200 OK 201 B URL HTTP/1.1 www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.164:0
File type JSON data, ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 83
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 23:45:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu95.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json
www.polishedchaosbrows.ca/static/icons/payment-methods/interac.svg
199.34.228.164 200 OK 8.2 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/interac.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (3717)
Hash 89bbc33e54641187d4fcd53a87143199
accb0052f213f69e609310ca503dacfd8ad3f55d
c3f3f3a1d32cdca31003881222772faed110f1e4b06f6e139c965b93900a8bf2
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/interac.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 8249
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "89bbc33e54641187d4fcd53a87143199"
x-amz-request-id: tx000000000000001a89a64-006284740c-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn143.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 4b7a5f78985cc3a4b0900eabb8994efe
www.polishedchaosbrows.ca/static/icons/payment-methods/jcb.svg
199.34.228.164 200 OK 3.9 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/jcb.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (1131)
Hash 32a219b916e0f1667aa650f7f8536a7b
a464d7ae31f4996c69c95a11fb791b01e55ceba8
4e8f269a2bf9b6d132634125bfe865e6342103f4cbd7953951d16c3442a24216
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/jcb.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:46 GMT
Content-Type: image/svg+xml
Content-Length: 3876
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "32a219b916e0f1667aa650f7f8536a7b"
x-amz-request-id: tx000000000000001aa70da-00628473f9-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn41.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 05201ac0b8cd1a1b4fba67ab8ebb035c
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 73559c53428cb6e4993151b1d2c64095
861bd97cacc7988a3cd429de6475b8fd299015e9
74d813be01ff2d679eefbcbfbf47e8ec2daefa4db2de2f3822495f988ce8a37c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 23:45:46 GMT
Last-Modified: Wed, 22 Feb 2023 21:57:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.164 200 OK 893 B URL HTTP/1.1 www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.164:0
File type JSON data, ASCII text, with very long lines (893), with no line terminators
Hash a3694ff70076495087c6a98a0a2c7adf
3cdb574f0b7d23cf042eb7bbdef29e783c846cb3
765f4470bd7ec41d971817e5e321a2b04bf7530bbc8b8ffaf680555c1ed1e36e
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 78
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 23:45:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu88.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 893
Keep-Alive: timeout=10, max=66
Connection: Keep-Alive
Content-Type: application/json
www.polishedchaosbrows.ca/static/icons/payment-methods/afterpay.svg
199.34.228.164 200 OK 2.1 kB URL HTTP/1.1 www.polishedchaosbrows.ca/static/icons/payment-methods/afterpay.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (665)
Hash 260a26946c3308e835f83022e177e1aa
3ef5afcc903a2375bc686511214c5e9e535b2342
cb0d2b4c057e2dd0c0be626a3fc89c2fbfe23a8de627f2031d1c44de406ffc35
Analyzer Verdict Alert fortinet Phishing
GET /static/icons/payment-methods/afterpay.svg HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109546.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073; _dd_s=rum=1&id=4902ce7f-d474-4c23-8c5f-1cca77543fab&created=1677109546313&expire=1677110446313; websitespring-xsrf=eyJpdiI6ImJXcC9vaU05QXNIUWtQc3lScVYramc9PSIsInZhbHVlIjoiSVVMZGRjUERyNlc4OW9TVFoyY0o3Z1llbFZxc09jRWdHKzZCZmZWRUVDSFUyejlTZkd1L1F6VXhScUxMMWl4ZjdkRi9lTWNpandsWVBaZ1dYa2JsVEZGS2NoWnVIV0dZK2VBUVU0bEprUzRidkRuS0xHNUpwWnczNVl0ZHZOV1AiLCJtYWMiOiI0ZDczODc0MTg2ZWZhYzI3YWQ3ZTZiOTQ1MzYwNWE3Njc5NGU4ZWRkNWM0ZWVjMzI4MzVkMGM1YTRjOGQyOGI5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:47 GMT
Content-Type: image/svg+xml
Content-Length: 2148
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "260a26946c3308e835f83022e177e1aa"
x-amz-request-id: tx000000000000001ac6d8e-00628473fb-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu72.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: 02fa509c22abc19a8972d49d53b613f5
cdn5.editmysite.com/app/store/api/v23/editor/users/136967202/sites/873160719739443544/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.193.46 200 OK 1.9 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/136967202/sites/873160719739443544/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.193.46:0
File type JSON data\012- , ASCII text, with very long lines (5072), with no line terminators
Hash e80678801109a33177580f1fecf4ccc5
b36affdbf407d383622a188a824455f6690efc9f
2a5c0fdc71d208048d46f8a822d674c2ad9360902dc1a5ed3cebfe48d90cdafd
GET /app/store/api/v23/editor/users/136967202/sites/873160719739443544/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"43d41aa97b00de5963a3dda6a7be33fc"
access-control-allow-methods: GET, HEAD
fullcache: m
x-revision: d590f6c93b16e954d320e1b1ea64dd79511af5a6
x-request-id: 3c7d8d50bb3e5e6232a95d62fc98c986
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Wed, 22 Feb 2023 23:45:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1677109546.376392,VS0,VE818
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1875
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=be9568a8-dd92-4f84-907b-a6303b139e43&batch_time=1677109547151
3.233.159.160 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=be9568a8-dd92-4f84-907b-a6303b139e43&batch_time=1677109547151
IP 3.233.159.160:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3ab5e6029b13085ebce6f1afce51e917
231ffe62e62967d216120bd32be8c680c1aeb064
0d4026e1d14975f291e895b4f84e05a3b239df3e6a2f39742bea818d5e51bb61
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=be9568a8-dd92-4f84-907b-a6303b139e43&batch_time=1677109547151 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15733
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 22 Feb 2023 23:45:47 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f00d82305e7457aae50b3ba04a844360
87fbf7ea49140d6b3f999f89efd6943f8859b9a1
bd779d3c39a774fdd54d9f52e587bdda0aeff9d004df8db206739cba83080bc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 634
Cache-Control: max-age=118172
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 23:45:47 GMT
Etag: "63f5d14d-1d7"
Expires: Fri, 24 Feb 2023 08:35:19 GMT
Last-Modified: Wed, 22 Feb 2023 08:24:45 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash be5a1814429d0a129322abda3791987f
9e0eeee65e17a9c6df149ed1f01d3d7194833fd8
75afa897dd6f4b97b0697589569c7c4f87e32b79addf981febc78a4ff741210e
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: BsVheHo85o3JebDwBDpP8yGu4JLcD/8gSspUwOiam1LNhHYzZ5rhKVQGnyJlLIMQRc7yf7Q9aU6Shou5J+a9wA==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Wed, 22 Feb 2023 23:45:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.polishedchaosbrows.ca/uploads/b/15db6d80-9296-11eb-8817-df454acb2a83/icon_180x180_ios_NTE1OD.png?width=180
199.34.228.164 200 OK 2.3 kB URL HTTP/1.1 www.polishedchaosbrows.ca/uploads/b/15db6d80-9296-11eb-8817-df454acb2a83/icon_180x180_ios_NTE1OD.png?width=180
IP 199.34.228.164:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash de6471d0ccaf7d80c05c851f5518b74c
0785d4523f48d35ba85dcbde0d1e789afd3b65b2
731524473216cfdb4ecb9b737d9674752002494a132d060d476a6ac8a53bc4ce
Analyzer Verdict Alert fortinet Phishing
GET /uploads/b/15db6d80-9296-11eb-8817-df454acb2a83/icon_180x180_ios_NTE1OD.png?width=180 HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109546.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073; _dd_s=rum=1&id=4902ce7f-d474-4c23-8c5f-1cca77543fab&created=1677109546313&expire=1677110446313; websitespring-xsrf=eyJpdiI6ImJXcC9vaU05QXNIUWtQc3lScVYramc9PSIsInZhbHVlIjoiSVVMZGRjUERyNlc4OW9TVFoyY0o3Z1llbFZxc09jRWdHKzZCZmZWRUVDSFUyejlTZkd1L1F6VXhScUxMMWl4ZjdkRi9lTWNpandsWVBaZ1dYa2JsVEZGS2NoWnVIV0dZK2VBUVU0bEprUzRidkRuS0xHNUpwWnczNVl0ZHZOV1AiLCJtYWMiOiI0ZDczODc0MTg2ZWZhYzI3YWQ3ZTZiOTQ1MzYwNWE3Njc5NGU4ZWRkNWM0ZWVjMzI4MzVkMGM1YTRjOGQyOGI5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:47 GMT
Content-Type: image/webp
Content-Length: 2284
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "1abixT9w7W9lJduV4w+Rmp84HDznYRowRGJ12LLG2C4"
Fastly-Io-Info: ifsz=3478 idim=180x180 ifmt=png ofsz=2284 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000786da116-0063f03c94-c669cc6-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: za2fe
X-Storage-Object: a2fed340b6ea2f6ee8254b871111bb4ef25f7e5e0d79c10e21c7a80315dc311a
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10048-SJC, cache-pao17448-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1677109547.366636,VS0,VE20
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn23.sf2p.intern.weebly.net
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.188.178.80 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.188.178.80:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2336
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: sp=726e0faf-92a8-4b33-b606-e5479c286f6f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Feb 2023 23:45:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=726e0faf-92a8-4b33-b606-e5479c286f6f; Expires=Thu, 22 Feb 2024 23:45:47 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.polishedchaosbrows.ca
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
54.188.178.80 200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 54.188.178.80:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1795
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: sp=726e0faf-92a8-4b33-b606-e5479c286f6f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Feb 2023 23:45:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=726e0faf-92a8-4b33-b606-e5479c286f6f; Expires=Thu, 22 Feb 2024 23:45:47 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.polishedchaosbrows.ca
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=0d82dbab-5420-4012-ae24-276173ac8d25&batch_time=1677109548135
3.233.159.160 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=0d82dbab-5420-4012-ae24-276173ac8d25&batch_time=1677109548135
IP 3.233.159.160:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b45003a0750f111c950a3c8d645fa415
3bf3d93e4a2518d8eab701070276d166e5ea8fef
cacb1f06aa166ece433511ab088f74f09ab7b2a38c37b92fab22bb3ab89cc80d
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=0d82dbab-5420-4012-ae24-276173ac8d25&batch_time=1677109548135 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15928
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 22 Feb 2023 23:45:47 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=24416227-c85c-46a7-acc1-d085a94f96c8&batch_time=1677109548250
3.233.159.160 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=24416227-c85c-46a7-acc1-d085a94f96c8&batch_time=1677109548250
IP 3.233.159.160:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dd19a7d5bc89d1a8be96314d2d9eb426
8ce3d6ccf873fbb7082f717de8c1c9cdce9d7d35
bf883b640a645c01aa6fc12523fb96127b6d3b3b5da0e01247635951c305d159
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=24416227-c85c-46a7-acc1-d085a94f96c8&batch_time=1677109548250 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16172
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 22 Feb 2023 23:45:47 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
www.polishedchaosbrows.ca/app/website/square.ico
199.34.228.164 200 OK 6.5 kB URL HTTP/1.1 www.polishedchaosbrows.ca/app/website/square.ico
IP 199.34.228.164:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert fortinet Phishing
GET /app/website/square.ico HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109548.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073; _dd_s=rum=1&id=4902ce7f-d474-4c23-8c5f-1cca77543fab&created=1677109546313&expire=1677110446313; websitespring-xsrf=eyJpdiI6ImJXcC9vaU05QXNIUWtQc3lScVYramc9PSIsInZhbHVlIjoiSVVMZGRjUERyNlc4OW9TVFoyY0o3Z1llbFZxc09jRWdHKzZCZmZWRUVDSFUyejlTZkd1L1F6VXhScUxMMWl4ZjdkRi9lTWNpandsWVBaZ1dYa2JsVEZGS2NoWnVIV0dZK2VBUVU0bEprUzRidkRuS0xHNUpwWnczNVl0ZHZOV1AiLCJtYWMiOiI0ZDczODc0MTg2ZWZhYzI3YWQ3ZTZiOTQ1MzYwNWE3Njc5NGU4ZWRkNWM0ZWVjMzI4MzVkMGM1YTRjOGQyOGI5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2023 23:45:47 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001a88764-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn38.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: aae490f2a65c39fe6f72e80a4620dafd
www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.164 200 OK 79 B URL HTTP/1.1 www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0=
Content-Length: 77
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109548.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073; _dd_s=rum=1&id=4902ce7f-d474-4c23-8c5f-1cca77543fab&created=1677109546313&expire=1677110446313; websitespring-xsrf=eyJpdiI6ImJXcC9vaU05QXNIUWtQc3lScVYramc9PSIsInZhbHVlIjoiSVVMZGRjUERyNlc4OW9TVFoyY0o3Z1llbFZxc09jRWdHKzZCZmZWRUVDSFUyejlTZkd1L1F6VXhScUxMMWl4ZjdkRi9lTWNpandsWVBaZ1dYa2JsVEZGS2NoWnVIV0dZK2VBUVU0bEprUzRidkRuS0xHNUpwWnczNVl0ZHZOV1AiLCJtYWMiOiI0ZDczODc0MTg2ZWZhYzI3YWQ3ZTZiOTQ1MzYwNWE3Njc5NGU4ZWRkNWM0ZWVjMzI4MzVkMGM1YTRjOGQyOGI5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 23:45:47 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu88.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive
Content-Type: application/json
www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.164 200 OK 182 B URL HTTP/1.1 www.polishedchaosbrows.ca/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0=
Content-Length: 89
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Cookie: publishedsite-xsrf=eyJpdiI6Ind6anJ2Q3UrU1BmdlA4REI4dDNDZXc9PSIsInZhbHVlIjoiL09FS05MdHlvSGRaTVhSNWJKWjJ1aXpBMjNqNll2Q2M1VVpyeHBUOThIN2hEN1BxQWwxTGx5YzYvb1RyUW0yL2ZyMDl6bksvZjJsNDBZL0ZHaWVsM3d4YU84MGVuVm5XNjZ6S2V4aUVmakFNYnVYYXc2ZmcxQTRWeHdIWjRMU2QiLCJtYWMiOiJiMTJkZWYyYzgzZWY4N2JhZWIyMjc0YTc4NzJiYzk1NjUxMDkzYWRiZWIwM2RjYWI5ZDVlODZhYzVhOGZjNjU1IiwidGFnIjoiIn0%3D; XSRF-TOKEN=eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0%3D; PublishedSiteSession=eyJpdiI6IkMxM3g5ZzgzbWZRbHJnRkxRNDd1QUE9PSIsInZhbHVlIjoiWjFBMDFpNVFpdE92cHIvWlN4R29IQkJ2VHZyTzAwVU9xYldFN01JYlRkYlZYWVBZaU1TMG1iWWRYS0hPZjJISk80d0orSUFXM2t4c2ZYQkJXTklmVlR3Q043c09SYjNRRGVZc2FiVU9BSGNsOEJKT1NHbnlZMTZBVGNtZThENHUiLCJtYWMiOiI1NDFmMjBiNjNmYWFhOTY1ZDllYTM0YjlhOWVkZTNhNDFkNGJkYmNhOTJkOTUwZWQ0OThiZTI0MmM5Mzg1MDczIiwidGFnIjoiIn0%3D; _snow_ses.0500=*; _snow_id.0500=3e4aa3ce-44a1-49a6-b31d-7e1c307be712.1677109546.1.1677109548.1677109546.1fcaa3fc-5411-4d26-bac0-8917cda62073; _dd_s=rum=1&id=4902ce7f-d474-4c23-8c5f-1cca77543fab&created=1677109546313&expire=1677110446313; websitespring-xsrf=eyJpdiI6ImJXcC9vaU05QXNIUWtQc3lScVYramc9PSIsInZhbHVlIjoiSVVMZGRjUERyNlc4OW9TVFoyY0o3Z1llbFZxc09jRWdHKzZCZmZWRUVDSFUyejlTZkd1L1F6VXhScUxMMWl4ZjdkRi9lTWNpandsWVBaZ1dYa2JsVEZGS2NoWnVIV0dZK2VBUVU0bEprUzRidkRuS0xHNUpwWnczNVl0ZHZOV1AiLCJtYWMiOiI0ZDczODc0MTg2ZWZhYzI3YWQ3ZTZiOTQ1MzYwNWE3Njc5NGU4ZWRkNWM0ZWVjMzI4MzVkMGM1YTRjOGQyOGI5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 23:45:47 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn86.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.polishedchaosbrows.ca/app/cms/api/v1/instagram/15db6d80-9296-11eb-8817-df454acb2a83/profile-data
199.34.228.164 200 OK 39 B URL HTTP/1.1 www.polishedchaosbrows.ca/app/cms/api/v1/instagram/15db6d80-9296-11eb-8817-df454acb2a83/profile-data
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fb50552d7be0b15ffd875194d1386bb7
662837e29c887e87e95b33ce9141d84a11f07a0e
f1c93b95318436ddb90c6c49553a48cea691630b0dee38a043336b06e40dbb13
Analyzer Verdict Alert fortinet Phishing
GET /app/cms/api/v1/instagram/15db6d80-9296-11eb-8817-df454acb2a83/profile-data HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0=
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 22 Feb 2023 23:45:48 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ii9lWURBLzFERjIvT1pTbmVOSlpUZWc9PSIsInZhbHVlIjoiUnBMMFBXc3RsZUlpZXQ4aFZ3cjlPZ1VUbzRDdmVlYnI3K1RPV0w4R2RRdXZPSG5zYlNUdFp6dDE2ajNpMkNIcUh0S1NRaWx4VjVkZHhseGQvZmJ3d0Y1MjdDRG4yTDk0TG5sZTBuaXRPUTd2M0h4NWxrUy9uRG0vakFwa2UwZ2EiLCJtYWMiOiI3OTdkMGRhNWU5MDcyN2IyOTBmYTI5MDRiYTExNDEyOWY3MjQyNjBmOGViY2Y2NDdkMjA0NDc0OTY5NTNhNzAyIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:48 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6IndCZjhtYkdCTGl6WUVPNEpyT3pQSHc9PSIsInZhbHVlIjoiNWI0VDRmU3hxOUFGQytDVm95RCtocitnUzRsdU54MkIzSGNWaStCUTFDSm83UnpDdVZPeGk3NVIrTEt3RXVvNjBPdDZJeU1zWHZKNEgxMzZqa0l1VE45NkhXcVNNR0k0TzVXMmNzeGpoQUV0U1BVVi9ZM2VTTk01aUVCT0NrRDMiLCJtYWMiOiI0OTA0YjhhN2JkOWMwMDY3OWNiMTQxMzg1ZWM4ZDQzZWIzNGFmMmFlNTEwNDRiNTM3OWVjZGJiNjQ0OTBjZmNjIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:48 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6Im9pblJXRXJwUm5aMUVDOGxZSEpvb3c9PSIsInZhbHVlIjoibW5hZ2hCcWdLdzR6dEFmRjRjRU1qdHFQZ3pTT0lOSjdpekhPUW00UGNFaXliK29vekduTHFLR2d3L1piaUxyeUlWTUJodGxOTFFVbWx1WGhNeFBzdkpySnFocWFzcE1RVUJrT2t0b244V2ZnWHNEVVkrbWZpQmRvVk5kbFd3M0ciLCJtYWMiOiI0YjA2ZjVlZmZhOThjZGU2ZjAwNmEyYWIzMWIwNmI4Mzc5MzVkMmQ1OWQxZDFmMzlhNzZkNDEyNmE1NjZmZDhhIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:48 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: blu56.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: f7fd65e505fd83bb435f58cbaa908ee2
Content-Encoding: gzip
www.polishedchaosbrows.ca/app/cms/api/v1/instagram/15db6d80-9296-11eb-8817-df454acb2a83/assets?per_page=9&show_hidden=0
199.34.228.164 200 OK 4.4 kB URL HTTP/1.1 www.polishedchaosbrows.ca/app/cms/api/v1/instagram/15db6d80-9296-11eb-8817-df454acb2a83/assets?per_page=9&show_hidden=0
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with very long lines (15252), with no line terminators
Hash f88c511d25e1e49a192a1f4c0522af4f
b5ffd9bf100149d605fe0ecd28654d352be61fde
0928d9e46c10dd8bc0b6b957a760f996bfdbaf9b210a31509849cf84af7051c7
GET /app/cms/api/v1/instagram/15db6d80-9296-11eb-8817-df454acb2a83/assets?per_page=9&show_hidden=0 HTTP/1.1
Host: www.polishedchaosbrows.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlVpK2FSOE0rNHY4eG9vU0pHZ3lGbVE9PSIsInZhbHVlIjoiVUcrWG5LTXc1eXJLKzBydUVvY1d3ZDJGdmF2L2tMUzhmNXBId3J6ZDNIWUZ5T1plWGx0bHJvVDNlZDN1ZDFMSXRwZzBCTENRaWt2NXBTSlB4c0NOS2pnbkJsTlhoSW5peWxRTlMwNkwrQjdFQnZka1NTNGpvUTRyZGx6aFVMSXIiLCJtYWMiOiJmNmQ2MGJlOTRiNWJmODZlYzY4Nzk1ZDQxOWRjNjU2MWJhNjA5MDE5Zjg3NGY0NjA0ZGM4YTNkZGUyMDRmMjY3IiwidGFnIjoiIn0=
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Wed, 22 Feb 2023 23:45:48 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjAzK0xhR1Z6c05rbDlJdWZhNGNsQlE9PSIsInZhbHVlIjoiMk5ML1A1dEdRYnJKV3pNakZnOCsyK3drVHJyUWNNQVFEaW1tT1N0TWE1RVVNZlNaa0s0K3JzZVFuaFZvdW5mUlVwdCsrTG13VVpFN1BPT0NOaldtYTMrVmp1b0lnbEtIK2MvQVlNSU5DRjBuUzhlTnRPNTd1aUxPcjNnSEQ4ZkgiLCJtYWMiOiIzNDAwZjkwN2RhMjJhZmYwMTE3MDNiMGViZmMxMDQ1ZDQxODFlY2FkNjc0NTJlY2E0NmM2MTE5YmU2YWM1MzE0IiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:48 GMT; Max-Age=1209600; path=/; samesite=lax
XSRF-TOKEN=eyJpdiI6InFQTUpGTlZOOVFzK1RWdGoxK3VUY3c9PSIsInZhbHVlIjoiTE5yTURpMFZSSzVpNlRlVXhROTJFWkVrL2o5aUhvSzFPTUJPWkkyNG1jVjZBWnd0THc1QmVZUVJ5ZE5DTWFJVGRybEFQVWJUSVY3UlFLS0piYS9TNFEwSWNSODJPNy9lTG8vVjFMWm1yMnhKYXgzWHQwNFlTZXhXUlZLOVFUb0kiLCJtYWMiOiJjNmUzODlhNjRjMzc3NTkxYzhlYTA5MWQ2ZTA1MjEwNzdkMDc5MTFiZWZhOTY0OTFmMWRkMGQ0ZWE5MWEyNDlmIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:48 GMT; Max-Age=1209600; path=/; samesite=lax
PublishedSiteSession=eyJpdiI6Im5WZ3NZM2U4WTFKU3dSVElaUktldmc9PSIsInZhbHVlIjoiUktjRGJDVTJsMm1QSDdnazNONklQQmtFNmprVFVNOVRiUzRGQ2E5Z1lPRFJuOVZJSXFZTFh0V3pxUVhWYlhBK2RvekFzUGZZQlNsbU9IekJhM1BhVWVDTTNZbnl2c1Q5U3RFNk9XNlBXaWZGZFFWMGYrbjRGditlV1VXUWdsTGkiLCJtYWMiOiI4MTEyODdmYWM3ZWQ2MGEyNDcwMDYzMDhiYjY0YzI5MTU2ZmQ5MmY3NDVlY2I4YjExZGU0NTljNDQ1ODI0ZDZkIiwidGFnIjoiIn0%3D; expires=Wed, 08-Mar-2023 23:45:48 GMT; Max-Age=1209600; path=/; httponly; samesite=lax
X-Host: blu74.sf2p.intern.weebly.net
X-Revision: ad524d41b789951db95b31467c753b2cc6d2959e
X-Request-ID: fa533ebcf57b3b4f9e02739faa2b2c63
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74c67bd82a4615772d69db2ed3bf32e8
760fecd988fe95f328ecbf46912fb211263bbf0e
25432ff55fc5f0fec25a395be6efc12b30512b93a78d4a5d78d1464f2a76143b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5152
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 23:45:48 GMT
Last-Modified: Wed, 22 Feb 2023 22:19:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74c67bd82a4615772d69db2ed3bf32e8
760fecd988fe95f328ecbf46912fb211263bbf0e
25432ff55fc5f0fec25a395be6efc12b30512b93a78d4a5d78d1464f2a76143b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113932
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 23:45:48 GMT
Etag: "63f5c338-1d7"
Expires: Fri, 24 Feb 2023 07:24:42 GMT
Last-Modified: Wed, 22 Feb 2023 07:24:40 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74c67bd82a4615772d69db2ed3bf32e8
760fecd988fe95f328ecbf46912fb211263bbf0e
25432ff55fc5f0fec25a395be6efc12b30512b93a78d4a5d78d1464f2a76143b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5153
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 23:45:49 GMT
Last-Modified: Wed, 22 Feb 2023 22:19:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/323343460_138955885643349_7864218200313252345_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=w0OQSY37TC0AX9XOuXg&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDNi6hniF2EUiwT2p0CDVMLpuuX7L85Hn5QVx_poYI6cw&oe=63FB6F11
157.240.11.52 200 OK 54 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/323343460_138955885643349_7864218200313252345_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=w0OQSY37TC0AX9XOuXg&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDNi6hniF2EUiwT2p0CDVMLpuuX7L85Hn5QVx_poYI6cw&oe=63FB6F11
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Hash f30157f98f19b673dcfa3ca1945b30ce
3a55104b3d44c4aa709dffd58db1b1cb240d7693
e0898977aedcbcc8166bf3dac22bd8927c73602d37d101d4fe74a32aad98c74e
GET /v/t51.29350-15/323343460_138955885643349_7864218200313252345_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=w0OQSY37TC0AX9XOuXg&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDNi6hniF2EUiwT2p0CDVMLpuuX7L85Hn5QVx_poYI6cw&oe=63FB6F11 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 04 Jan 2023 18:41:10 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2137305874
x-needle-checksum: 1271297967
content-digest: adler32=1271297967
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 53972
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/331511714_743542104098577_8599495129017482896_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=sERSGu7qdW0AX9pdfB2&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAQHP44raV7diehXQaBs5zCPvRM4K7GrJMUhcUgtIEfAQ&oe=63FC00B9
157.240.11.52 200 OK 150 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/331511714_743542104098577_8599495129017482896_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=sERSGu7qdW0AX9pdfB2&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAQHP44raV7diehXQaBs5zCPvRM4K7GrJMUhcUgtIEfAQ&oe=63FC00B9
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1440, components 3\012- data
Size 150 kB (150010 bytes)
Hash b00c922e3ed4117034747dcc64291049
aee4a76043d1d54035897cbc235e8e5530efd8e0
ea471f6ae203759683b1ae4731c915d900a19ecd70e20bec9716b0f6c6fdfa17
GET /v/t51.29350-15/331511714_743542104098577_8599495129017482896_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=sERSGu7qdW0AX9pdfB2&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAQHP44raV7diehXQaBs5zCPvRM4K7GrJMUhcUgtIEfAQ&oe=63FC00B9 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 19 Feb 2023 03:08:52 GMT
content-type: image/jpeg
x-needle-checksum: 3371536520
content-digest: adler32=3371536520
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 150010
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/318299732_1173888150001348_5745736883887117288_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=Lgx9XMtxoLAAX-zTNs5&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfD_LyoQL3RoXQ957IJ_R1hpOxw81jBEFtSvi_Wy-S6S0Q&oe=63FB4B29
157.240.11.52 200 OK 91 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/318299732_1173888150001348_5745736883887117288_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=Lgx9XMtxoLAAX-zTNs5&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfD_LyoQL3RoXQ957IJ_R1hpOxw81jBEFtSvi_Wy-S6S0Q&oe=63FB4B29
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Hash c9696cb14b84d28c3b92d2526a95a3a6
c1ca49d6b2eaf923917db95491efc3e0c7214bb8
dc75c9858cebde6ef6cd7b9d5d4f5aeb8081b0d782d928d3d8a9aa1cbafdfde1
GET /v/t51.29350-15/318299732_1173888150001348_5745736883887117288_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=Lgx9XMtxoLAAX-zTNs5&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfD_LyoQL3RoXQ957IJ_R1hpOxw81jBEFtSvi_Wy-S6S0Q&oe=63FB4B29 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-length: 90757
last-modified: Tue, 06 Dec 2022 01:48:17 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1870495043
x-needle-checksum: 3205579959
content-digest: adler32=3205579959
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:49 GMT
x-fb-edge-debug: O6ChgHy0yhby4lMzto733_GEwJUCrcHwksjZ6awYJ4eNQoRy3z8VuqHNlGkwPFaUH5zpiR9XgiyfZXqoC1enmAQbxVPp_AZSiTQJGXeQIB0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/330510843_558913376297833_1848879480968928713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9_q0EDeytTwAX_YNnuc&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBBgP1B_p6kmhhRm1mkqsG9i3T7S1PUgxy2mCwZtG3-0Q&oe=63FA8DDA
157.240.11.52 200 OK 114 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/330510843_558913376297833_1848879480968928713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9_q0EDeytTwAX_YNnuc&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBBgP1B_p6kmhhRm1mkqsG9i3T7S1PUgxy2mCwZtG3-0Q&oe=63FA8DDA
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1152x2048, components 3\012- data
Size 114 kB (114446 bytes)
Hash 6dadabd62fa06653cef7ec30a4172cfa
eeb90ca86f54d7501ecff51eaad713fee1caa824
92415ea79b1146213f5878866cb689e48df102e204d541628c779298112f1052
GET /v/t51.29350-15/330510843_558913376297833_1848879480968928713_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9_q0EDeytTwAX_YNnuc&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBBgP1B_p6kmhhRm1mkqsG9i3T7S1PUgxy2mCwZtG3-0Q&oe=63FA8DDA HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 11 Feb 2023 05:39:35 GMT
content-type: image/jpeg
x-needle-checksum: 1515577041
content-digest: adler32=1515577041
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 114446
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/329321862_213373314529344_3917582882005727748_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=eOjgz_8Yk_0AX90H7Aa&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBDz9sLoPvyFwtg_q0fpE-osItNZlraXuvHRkUPWkgrvQ&oe=63FBFDC1
157.240.11.52 200 OK 171 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/329321862_213373314529344_3917582882005727748_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=eOjgz_8Yk_0AX90H7Aa&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBDz9sLoPvyFwtg_q0fpE-osItNZlraXuvHRkUPWkgrvQ&oe=63FBFDC1
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 171 kB (170984 bytes)
Hash 115c536f3a52ebd54b2e0fb845c28f4a
e5d0634311286554ed8a7f80c930aafc7ae1e284
85b2774bcac364b26fe1a4b89700d503cffeab5b7fd5dfd9a6e7918632c986e7
GET /v/t51.29350-15/329321862_213373314529344_3917582882005727748_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=eOjgz_8Yk_0AX90H7Aa&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBDz9sLoPvyFwtg_q0fpE-osItNZlraXuvHRkUPWkgrvQ&oe=63FBFDC1 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 07 Feb 2023 05:01:17 GMT
content-type: image/jpeg
x-needle-checksum: 2506408248
content-digest: adler32=2506408248
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 170984
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/323092324_721555402922546_7846827620257023663_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=Ezh4ZiuSTAoAX--u7y7&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBRu8MKeJPDd1VWHy-MvaWYS-7zwb-bYeDQnBd9y8yJlQ&oe=63FA7BDF
157.240.11.52 200 OK 286 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/323092324_721555402922546_7846827620257023663_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=Ezh4ZiuSTAoAX--u7y7&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBRu8MKeJPDd1VWHy-MvaWYS-7zwb-bYeDQnBd9y8yJlQ&oe=63FA7BDF
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x1702, components 3\012- data
Size 286 kB (285760 bytes)
Hash a69bf05459323d645f25e0eaf3d80c75
aa095620f12f5216d04e463beb3716b145bdc5d1
36e4643ca003e5a8262e16c174f959a0cdbe0bf7ca4ce2482c7cd27573563016
GET /v/t51.29350-15/323092324_721555402922546_7846827620257023663_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=Ezh4ZiuSTAoAX--u7y7&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBRu8MKeJPDd1VWHy-MvaWYS-7zwb-bYeDQnBd9y8yJlQ&oe=63FA7BDF HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 31 Dec 2022 22:21:41 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 362521805
x-needle-checksum: 1025019389
content-digest: adler32=1025019389
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 285760
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/324722891_503636751909884_6042967908943469510_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=fB4D5NTmo4kAX8Nz42_&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBZ0YWF3jCqgIgdcFcFRf_Z_3k-UrkNYY-2BlAHaZixPQ&oe=63FBA88D
157.240.11.52 200 OK 218 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/324722891_503636751909884_6042967908943469510_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=fB4D5NTmo4kAX8Nz42_&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBZ0YWF3jCqgIgdcFcFRf_Z_3k-UrkNYY-2BlAHaZixPQ&oe=63FBA88D
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1440, components 3\012- data
Size 218 kB (217457 bytes)
Hash e4f40672a4404db868b0f16378af4b65
bd23c3da4396c89a77f6f92ae476351ec0e23f7c
9098b1fa78f3c39e0b9cbeebad8d7e69f60d7f7205ee29fdae4367e026e59be9
GET /v/t51.29350-15/324722891_503636751909884_6042967908943469510_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=fB4D5NTmo4kAX8Nz42_&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBZ0YWF3jCqgIgdcFcFRf_Z_3k-UrkNYY-2BlAHaZixPQ&oe=63FBA88D HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 12 Jan 2023 04:47:18 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 611942509
x-needle-checksum: 3614563293
content-digest: adler32=3614563293
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 217457
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/317638772_655376159565426_3849395933870879346_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=xzLTVmbPq5QAX8WrjWU&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCpR5F1YEWbPKIe-AWZOOx7omYPCkRTgtq8t8P-el5Z0Q&oe=63FA9A15
157.240.11.52 200 OK 254 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/317638772_655376159565426_3849395933870879346_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=xzLTVmbPq5QAX8WrjWU&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCpR5F1YEWbPKIe-AWZOOx7omYPCkRTgtq8t8P-el5Z0Q&oe=63FA9A15
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1440, components 3\012- data
Size 254 kB (253942 bytes)
Hash 7b9cb0e7045c78d43216d2530987e1c3
90b6143cba50433904200358744b9fcbe1c8e4bd
6710047c782be2d61d13ae91ac014b38c2ae993a9ac452cd9abe39512d8fef4f
GET /v/t51.29350-15/317638772_655376159565426_3849395933870879346_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=xzLTVmbPq5QAX8WrjWU&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCpR5F1YEWbPKIe-AWZOOx7omYPCkRTgtq8t8P-el5Z0Q&oe=63FA9A15 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 01 Dec 2022 02:49:41 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 297801386
x-needle-checksum: 2458984162
content-digest: adler32=2458984162
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 253942
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/328841697_157645700398424_2269329314206712010_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9CqcgH9kwesAX-CfR_W&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfA7Bsra3uhtc7JqmKdZ3B5LGu3FIAW63Kq4LBnHt8s1qA&oe=63FA87C3
157.240.11.52 200 OK 396 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/328841697_157645700398424_2269329314206712010_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9CqcgH9kwesAX-CfR_W&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfA7Bsra3uhtc7JqmKdZ3B5LGu3FIAW63Kq4LBnHt8s1qA&oe=63FA87C3
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size 396 kB (395880 bytes)
Hash 1fd63dfc7c8e9ddc394d75782e0e9301
aa6e3bb97405ca955bb3359f0ec823c8bc498583
2fd1bdc6cde5c74078a5566f40def24811cfcc284246e2f167ef1ec25a205d5d
GET /v/t51.29350-15/328841697_157645700398424_2269329314206712010_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9CqcgH9kwesAX-CfR_W&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfA7Bsra3uhtc7JqmKdZ3B5LGu3FIAW63Kq4LBnHt8s1qA&oe=63FA87C3 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 06 Feb 2023 01:24:01 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 661947959
x-needle-checksum: 3841081902
content-digest: adler32=3841081902
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
accept-ranges: bytes
content-length: 395880
x-fb-trip-id: 382461245
date: Wed, 22 Feb 2023 23:45:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=e7d18d0c-d6e3-4120-9f42-6b3e76b81946&batch_time=1677109550388
3.233.159.160 202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=e7d18d0c-d6e3-4120-9f42-6b3e76b81946&batch_time=1677109550388
IP 3.233.159.160:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5ccbce2674d99545077660922b8173a3
9142c5f86ca9c681baf6ad418ad9b5ba4687c5ee
987960f1131af0f17763145c23d3b10a821584f34accd3b9cb24eb49e3bbcdcb
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-ad524d4&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=e7d18d0c-d6e3-4120-9f42-6b3e76b81946&batch_time=1677109550388 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15840
Origin: https://www.polishedchaosbrows.ca
Connection: keep-alive
Referer: https://www.polishedchaosbrows.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 22 Feb 2023 23:45:50 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2