r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3691
Expires: Sun, 29 Jan 2023 19:51:18 GMT
Date: Sun, 29 Jan 2023 18:49:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6107
Expires: Sun, 29 Jan 2023 20:31:34 GMT
Date: Sun, 29 Jan 2023 18:49:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 18:35:38 GMT
content-type: application/json
age: 849
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7943
Expires: Sun, 29 Jan 2023 21:02:10 GMT
Date: Sun, 29 Jan 2023 18:49:47 GMT
Connection: keep-alive
leiaaesthetic.com/
198.185.159.145 301 Moved Permanently 0 B IP 198.185.159.145:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Age: 7
Content-Length: 0
Date: Sun, 29 Jan 2023 18:49:39 GMT
Location: https://www.leiaaesthetic.com/
Server: Squarespace
Set-Cookie: crumb=BTjp6cmOFcsbMmM1NGU5ZDk0ODM3ZjU5NTI5ZmFmYzk2Yzc0MmZh;Path=/
X-Contextid: Q9jTBKrI/ObisPCU4
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: J0UeP657FjLo8uiTRWQWX0J7KHB5GVAvvQB5gxrui1kbLwQYzy1roVW5yvx0hJw+5bIrCRRl6IE=
x-amz-request-id: 6R7K54ZD6MW1XG25
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 18:21:29 GMT
age: 1698
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:49:47 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 18:41:41 GMT
age: 486
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4663
Expires: Sun, 29 Jan 2023 20:07:30 GMT
Date: Sun, 29 Jan 2023 18:49:47 GMT
Connection: keep-alive
assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
151.101.64.237 200 OK 42 kB URL HTTP/2 assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
IP 151.101.64.237:0
File type Unicode text, UTF-8 text, with very long lines (43878), with NEL line terminators
Hash fe0d53a94823df972dbf107bf190771a
0ae461e408323c0dd10c6ccfb0a673c6d0a173bf
8cb58343dcef08e359f0abd73b1218780ca7ea4eab16f2d9d43ffc272ad91206
GET /@sqs/polyfiller/1.6/modern.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 18:39:24 GMT
last-modified: Mon, 31 Oct 2022 21:19:57 GMT
etag: "fe0d53a94823df972dbf107bf190771a"
content-type: text/javascript
content-encoding: gzip
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 4579824
x-served-by: cache-iad-kjyo7100143-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 44282
x-timer: S1675018188.880190,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 42447
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/performance-0f5642c830ad27845ce87-min.en-US.js
151.101.64.237 200 OK 53 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/performance-0f5642c830ad27845ce87-min.en-US.js
IP 151.101.64.237:0
File type ASCII text, with very long lines (57959)
Hash 15094a9e592418071f83e2cda5aa596c
4ee1e6aaf49e74fbda897ec3a696bbdb4ef81bad
b06495008673d55ebd4cc4779e781e120b55b55366a6796fc0597f330e3b1e04
GET /universal/scripts-compressed/performance-0f5642c830ad27845ce87-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 24 Jan 2024 17:28:36 GMT
last-modified: Tue, 24 Jan 2023 17:19:08 GMT
etag: "15094a9e592418071f83e2cda5aa596c"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 436872
x-served-by: cache-iad-kcgs7200176-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 13684
x-timer: S1675018188.880988,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 53425
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
151.101.64.237 200 OK 18 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
IP 151.101.64.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1fb78cb0eb4ac17a64497e0e8847ddcc
0f3653e0c81319fc2c2db49a98c363f65bc40ca8
57fb2b9a98db6f866e75f58f44074680ccae5199c89268d3d40b047a28d47c6a
GET /universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 15:16:18 GMT
last-modified: Wed, 18 Jan 2023 14:53:08 GMT
etag: "1fb78cb0eb4ac17a64497e0e8847ddcc"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 963210
x-served-by: cache-iad-kiad7000057-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 44963
x-timer: S1675018188.903819,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 18361
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js
151.101.64.237 200 OK 15 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js
IP 151.101.64.237:0
File type ASCII text, with very long lines (45105)
Hash 770decddb125e2b7fee91eac80cad794
8b6f6450bd37cdefc9dcd4bddd66dbcf295b6927
f5ccb6de36aff03adfbd0718bee49baf5deffc7b0f375eedf90c5f2a7c3bc3ea
GET /universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 27 Jan 2024 22:58:18 GMT
last-modified: Fri, 27 Jan 2023 22:46:07 GMT
etag: "770decddb125e2b7fee91eac80cad794"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 157890
x-served-by: cache-iad-kiad7000031-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 41, 7906
x-timer: S1675018188.910564,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 15254
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
151.101.64.237 200 OK 71 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
IP 151.101.64.237:0
File type ASCII text, with very long lines (65202)
Hash acbc32f393943567180ad813f45cee9d
d9536a0f9582e9c6e3c8811253f573dc993079f8
0bb9f17a40c2f7af3d64fdae1a8089f365b44ec9cbadb7a27c6d2fd96c9f16e7
GET /universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 18 Jan 2024 15:16:20 GMT
last-modified: Wed, 18 Jan 2023 14:52:01 GMT
etag: "acbc32f393943567180ad813f45cee9d"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 963208
x-served-by: cache-iad-kcgs7200137-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 51, 40084
x-timer: S1675018188.911443,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 70642
X-Firefox-Spdy: h2
www.leiaaesthetic.com/
198.49.23.144 200 OK 31 kB IP 198.49.23.144:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39784)
Hash 352a1fd993b8f43fe3460860ce960b75
6faf1b9dc7b15d959f60b8968f97b15b637a481e
6cce749acd0b5a4942cf4fb40cc8e15d502bab1f2c759ce7343d1333f76153c0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
accept-ranges: bytes
age: 7
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 29 Jan 2023 18:49:40 GMT
etag: W/"a4ee0e773eef11ca412f633355cc3308"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0;Path=/
strict-transport-security: max-age=43200
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: ecJgDTJM/gRTFQCTz
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-length: 30892
X-Firefox-Spdy: h2
use.typekit.net/ik/18-ZtXLVPD5uFs23VKggf-ZKhjxrsFEOnrYtN2AVYBwfeTqIfFHN4UJLFRbh52jhWDjkweFKFQ6hwesKZQ9oFAByFhJX5QjuFg7ZMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0dhFXdaguSkuR-W4Rde9lZhFkZPoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeU8-AByZWFX-emX-Aw0jhNlOeUzjhBC-eNDifUzjaszSYmDOAFTScFCZPu1ja48O1FUiABkZWF3jAF8OcFzdPUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoCZA8yjAmDiey8ie8ROcFzdPUaiaS0dhFXdaguSkuR-W4Rde9lZhFkZPoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXK2ABnie8hOAikdas8ShC7fbRbdsMMeMb6MKG4fFZlIMMjgPMfH6qJXcXbMg6YJMJ7fbRsdsMMeMt6MKG4fFilIMMj2kMfH6qJXhXbMg6sJMHbMpVNhTJe.js
23.36.76.122 200 OK 6.8 kB URL HTTP/2 use.typekit.net/ik/18-ZtXLVPD5uFs23VKggf-ZKhjxrsFEOnrYtN2AVYBwfeTqIfFHN4UJLFRbh52jhWDjkweFKFQ6hwesKZQ9oFAByFhJX5QjuFg7ZMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0dhFXdaguSkuR-W4Rde9lZhFkZPoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeU8-AByZWFX-emX-Aw0jhNlOeUzjhBC-eNDifUzjaszSYmDOAFTScFCZPu1ja48O1FUiABkZWF3jAF8OcFzdPUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoCZA8yjAmDiey8ie8ROcFzdPUaiaS0dhFXdaguSkuR-W4Rde9lZhFkZPoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXK2ABnie8hOAikdas8ShC7fbRbdsMMeMb6MKG4fFZlIMMjgPMfH6qJXcXbMg6YJMJ7fbRsdsMMeMt6MKG4fFilIMMj2kMfH6qJXhXbMg6sJMHbMpVNhTJe.js
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 8e221a56a6986edc501f41249ebf933f
82de798a2daec7d09847bc782909486379e6e40a
0c07422247cfde261939366ac28ecd54395f82bbc41f27996afe1b8205f22439
GET /ik/18-ZtXLVPD5uFs23VKggf-ZKhjxrsFEOnrYtN2AVYBwfeTqIfFHN4UJLFRbh52jhWDjkweFKFQ6hwesKZQ9oFAByFhJX5QjuFg7ZMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0dhFXdaguSkuR-W4Rde9lZhFkZPoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeU8-AByZWFX-emX-Aw0jhNlOeUzjhBC-eNDifUzjaszSYmDOAFTScFCZPu1ja48O1FUiABkZWF3jAF8OcFzdPUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoCZA8yjAmDiey8ie8ROcFzdPUaiaS0dhFXdaguSkuR-W4Rde9lZhFkZPoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXK2ABnie8hOAikdas8ShC7fbRbdsMMeMb6MKG4fFZlIMMjgPMfH6qJXcXbMg6YJMJ7fbRsdsMMeMt6MKG4fFilIMMj2kMfH6qJXhXbMg6sJMHbMpVNhTJe.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6790
date: Sun, 29 Jan 2023 18:49:47 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.224.148.171 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.224.148.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fPbigHstUqvVl5WpbP4KPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aZXNsPNvN87jwcMNYryDkPV22HE=
images.squarespace-cdn.com/content/v1/620cb5860dbe595aa7b49654/f2b2a979-5f7a-4bb6-b404-febf4b749a6a/210708_LEIA_Primary+Logo-03.png?format=1500w
151.101.0.238 200 OK 24 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/620cb5860dbe595aa7b49654/f2b2a979-5f7a-4bb6-b404-febf4b749a6a/210708_LEIA_Primary+Logo-03.png?format=1500w
IP 151.101.0.238:0
File type PNG image data, 1500 x 601, 8-bit gray+alpha, non-interlaced\012- data
Hash a08f5fcfba679118fbfde3abd5c43813
da6297b4d7bb8d33df584754cc38ec464f0c2168
678e7fad3284b488e7a5fbe51597ef8fdbad041afc17fbce07d900aa9dc7e54d
GET /content/v1/620cb5860dbe595aa7b49654/f2b2a979-5f7a-4bb6-b404-febf4b749a6a/210708_LEIA_Primary+Logo-03.png?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/png
access-control-allow-origin: *
etag: CLSJh/Png/YCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 228331
x-served-by: cache-iad-kcgs7200042-IAD, cache-bma1641-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675018188.028306,VS0,VE92
vary: Accept-Encoding
tracepoint: Fastly
content-length: 23774
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.beee5ab9f5fc628de9761db008bf6dbc.js
151.101.0.238 200 OK 43 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.beee5ab9f5fc628de9761db008bf6dbc.js
IP 151.101.0.238:0
File type ASCII text, with very long lines (65467)
Hash e17a8efac6aa067835039508cef680cb
081eddd2a61f68db4987b85910c1ea39e9a9e857
c3c2ab62c657f0c999c5edd12f7b7a762a47a94426157ecf62574bcc809c1d61
GET /static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.beee5ab9f5fc628de9761db008bf6dbc.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: G2ZsPUTB/XbMF74Ea
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 182104
x-served-by: cache-dfw-kdfw8210046-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 27, 9896
x-timer: S1675018188.114279,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 43384
X-Firefox-Spdy: h2
static1.squarespace.com/static/versioned-site-css/620cb5860dbe595aa7b49654/12/5c5a519771c10ba3470d8101/620cb5860dbe595aa7b49673/1340/site.css
151.101.0.238 200 OK 100 kB URL HTTP/2 static1.squarespace.com/static/versioned-site-css/620cb5860dbe595aa7b49654/12/5c5a519771c10ba3470d8101/620cb5860dbe595aa7b49673/1340/site.css
IP 151.101.0.238:0
File type Unicode text, UTF-8 text, with very long lines (31993)
Hash 3378e2a0c0fc33165465908dcd5b83e7
b251f1cd2d97f386da704dc5e4ab9fc8b0d73c71
2a639a49a7beb2e91d30f9e46abe7d6bc9cb29e6872681e0655c3a31bc8af0b4
GET /static/versioned-site-css/620cb5860dbe595aa7b49654/12/5c5a519771c10ba3470d8101/620cb5860dbe595aa7b49673/1340/site.css HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: text/css; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: iXoeOAAF/F2LDqXOq
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 0
x-served-by: cache-dfw-kdfw8210109-DFW, cache-bma1674-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675018188.919128,VS0,VE440
vary: Accept-Encoding
tracepoint: Fastly
content-length: 99540
X-Firefox-Spdy: h2
use.typekit.net/af/ab3e12/000000000000000077359d4f/30/l?subset_id=2&fvd=n4&v=3
23.36.76.122 200 OK 20 kB URL HTTP/2 use.typekit.net/af/ab3e12/000000000000000077359d4f/30/l?subset_id=2&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 19680, version 1.0\012- data
Hash 52c1a5fa1d7c6bdee86085694db8fe2e
e10a38b2e12e4c9f481f90a543023676c81e0f47
d000c44b8eb639ac2ae010d285a76848f36a038d10bd5c4abb253cc97cbc01ee
GET /af/ab3e12/000000000000000077359d4f/30/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19680
etag: "e220726f21c39c004d15b330308318f97bc04bd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 29 Jan 2023 18:49:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/c11a71/000000000000000077359d5e/30/l?subset_id=2&fvd=n5&v=3
23.36.76.122 200 OK 22 kB URL HTTP/2 use.typekit.net/af/c11a71/000000000000000077359d5e/30/l?subset_id=2&fvd=n5&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 21972, version 1.0\012- data
Hash 3c2e84a9ac5623b6f7094bcc6bbdf886
d930a9eb7c1e3c47a102ed63a15c45f156e8ce2f
fac4b035ba0f805ad605bacafbe6ed84b2cab4f171dee3bfedb6677b0a2e1757
GET /af/c11a71/000000000000000077359d5e/30/l?subset_id=2&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 21972
etag: "a8bafb6bba35103267a91a2c4c7d0a862cd28662"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 29 Jan 2023 18:49:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/a798a9/000000000000000077359d55/30/l?subset_id=2&fvd=n7&v=3
23.36.76.122 200 OK 21 kB URL HTTP/2 use.typekit.net/af/a798a9/000000000000000077359d55/30/l?subset_id=2&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 21252, version 1.0\012- data
Hash 958ca86224ba2695505fee68ed3894cd
ad5e3df0ec150896c4d273992cce12331b91ac66
98ffd9d43312edc8de13bafdfae9187b562e9a9af611ef2596d796cfb2f13955
GET /af/a798a9/000000000000000077359d55/30/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 21252
etag: "b1f41794b926aedfbe5eb25bb0af2e03e02b90bb"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 29 Jan 2023 18:49:48 GMT
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/4974.ba666066c217e3d046a4.js
151.101.0.238 200 OK 13 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/4974.ba666066c217e3d046a4.js
IP 151.101.0.238:0
File type Unicode text, UTF-8 text, with very long lines (48821), with no line terminators
Hash f681f00055c1f2fc914822f4f02ad4dd
aa6d15146b402dbaec92d9a61ec1548d6bcbc4f8
d66aa63a6b85997ddc71ab86a1a6464ea75f4395edc15a06da41c83bc5436e64
GET /static/vta/5c5a519771c10ba3470d8101/scripts/4974.ba666066c217e3d046a4.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: XAFKUMFe/NFjF5oQm
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 856550
x-served-by: cache-dfw-kdfw8210077-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 1941, 1358
x-timer: S1675018189.741458,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 13082
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js
151.101.0.238 200 OK 2.8 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js
IP 151.101.0.238:0
File type ASCII text, with very long lines (8652), with no line terminators
Hash e87ed8ec03a4f7a51237f23be807cda1
9ff6a5b7e61b98388ce1fe18a0c8705b34ea8871
ea3178ededd7fa1df73c8d4c1153acf49ac3afaf859eb8bf7f95e04f49044209
GET /static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: eX51llWN/qOTyVcvp
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 251749
x-served-by: cache-dfw-kdfw8210105-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 17, 38
x-timer: S1675018189.746220,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 2763
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/7475.41738056422ae813652d.js
151.101.0.238 200 OK 20 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/7475.41738056422ae813652d.js
IP 151.101.0.238:0
File type Unicode text, UTF-8 text, with very long lines (63249), with no line terminators
Hash bb0c477b175fb7b1ad00fc510f9aa332
fba2f908761ea62adff2692c0e6ef3852969e623
785c53e3e33c944e4a1a71dc2dd27e1bfef3b777a56f55b66bfa3ede9245a43d
GET /static/vta/5c5a519771c10ba3470d8101/scripts/7475.41738056422ae813652d.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: H3XPiJK7/ZZBiCza5
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 182104
x-served-by: cache-dfw-kdfw8210089-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 25
x-timer: S1675018189.747195,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 19531
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/6067.81258212f3e4aad2ffce.js
151.101.0.238 200 OK 5.2 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/6067.81258212f3e4aad2ffce.js
IP 151.101.0.238:0
File type C source, ASCII text, with very long lines (14462), with no line terminators
Hash d60cec287998c3495f4113410fdb1001
c107d1e6fce971731172c03d18317036861a4c06
03a9b13fc6620cfac72ca9f3088a84c269b0f4c3ad3af6f19b900b9aed6d688a
GET /static/vta/5c5a519771c10ba3470d8101/scripts/6067.81258212f3e4aad2ffce.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: eg0IvmuC/EAadTFiG
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 535212
x-served-by: cache-dfw-kdfw8210051-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 4386, 1
x-timer: S1675018189.748696,VS0,VE1
vary: Accept-Encoding
tracepoint: Fastly
content-length: 5155
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/background-contours.71217d895f3fb419f55f.js
151.101.0.238 200 OK 3.0 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/background-contours.71217d895f3fb419f55f.js
IP 151.101.0.238:0
File type ASCII text, with very long lines (9580), with no line terminators
Hash edaee5eaf0cf86ca1c43f8aee08d5f4c
27ec4a1c8106418599f4601e5ac5d08a216f9de4
fe8477100272dad2caa0e8da1237822fa1b27cff327b7dc6be8a741d1871e62a
GET /static/vta/5c5a519771c10ba3470d8101/scripts/background-contours.71217d895f3fb419f55f.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: ndz39TDS/PBpHy83r
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 182103
x-served-by: cache-dfw-kdfw8210071-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 1
x-timer: S1675018189.749756,VS0,VE1
vary: Accept-Encoding
tracepoint: Fastly
content-length: 3008
X-Firefox-Spdy: h2
use.typekit.net/af/951aca/000000000000000077359d51/30/l?subset_id=2&fvd=i4&v=3
23.36.76.122 200 OK 21 kB URL HTTP/2 use.typekit.net/af/951aca/000000000000000077359d51/30/l?subset_id=2&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 20688, version 1.0\012- data
Hash 66a75acdb322f2be0b77b713855a0ca7
c8c4cd4f7d3b3ed3aa1fea4bd957e6bb6430230b
248885d24a663699b46f35fde70b571d05671e0d72813fb6b5e1dcf0dd193478
GET /af/951aca/000000000000000077359d51/30/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 20688
etag: "cfb6bd4754e0eb12efb5d28bf4e4283c88b24377"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 29 Jan 2023 18:49:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/939926/000000000000000077359d5f/30/l?subset_id=2&fvd=i5&v=3
23.36.76.122 200 OK 20 kB URL HTTP/2 use.typekit.net/af/939926/000000000000000077359d5f/30/l?subset_id=2&fvd=i5&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 19856, version 1.0\012- data
Hash 60f5ec892dcf660c7fe34b988376609f
dfa629d16c4a8beb93123153ad19fe81c08cd67a
ad987db099a253cdd386cf52d98d1b15da65f1ac0d20ab3a312c04fe13eea2bc
GET /af/939926/000000000000000077359d5f/30/l?subset_id=2&fvd=i5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19856
etag: "84db04a7ad917074d55b2d81d703c958371c24bf"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 29 Jan 2023 18:49:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8e3d9f/000000000000000077359d58/30/l?subset_id=2&fvd=i7&v=3
23.36.76.122 200 OK 20 kB URL HTTP/2 use.typekit.net/af/8e3d9f/000000000000000077359d58/30/l?subset_id=2&fvd=i7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 19956, version 1.0\012- data
Hash 139d2306aa5baa86e4c16d79968bc1a6
e29b4294a7794f292ef10d8534eaff06781d2753
6628d7554694e2202832929ae1197a554b1da4db44f463a0bec09cd2727bad33
GET /af/8e3d9f/000000000000000077359d58/30/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19956
etag: "bf797f36c9347a8a830501c68025a02e655389e2"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Sun, 29 Jan 2023 18:49:48 GMT
X-Firefox-Spdy: h2
www.leiaaesthetic.com/api/1/performance/settings
198.49.23.144 200 OK 53 B URL HTTP/2 www.leiaaesthetic.com/api/1/performance/settings
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6be70fd33770b96fa7495ba4fa11bcef
7d39e83de4ac12de6cfe615abf34317965fa72a5
a8c8b8f7a65bd06edaeafdad739ed32c959ad95c866825203923c908ce0db3b4
Analyzer Verdict Alert fortinet Phishing
GET /api/1/performance/settings HTTP/1.1
Host: www.leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Cookie: crumb=BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 29 Jan 2023 18:49:48 GMT
server: Squarespace
vary: Accept-Encoding, User-Agent
x-contextid: ecJgDTJM/ODcim9IX
content-length: 53
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/620cb5860dbe595aa7b49654/eb9b35d9-793a-4b59-be4a-aa662ed7a6cb/favicon.ico?format=100w
151.101.0.238 200 OK 1.5 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/620cb5860dbe595aa7b49654/eb9b35d9-793a-4b59-be4a-aa662ed7a6cb/favicon.ico?format=100w
IP 151.101.0.238:0
File type PNG image data, 100 x 40, 8-bit gray+alpha, non-interlaced\012- data
Hash 4a8cd44f7a2b96cc921b32caeae37e62
74af52fafe9f3dc62df2b4ccd641b4273e5f06b2
6c7d5c5e7b467c14b65e3f797eafe53367552e4826a6f27ba66e4b63dda0d6d2
GET /content/v1/620cb5860dbe595aa7b49654/eb9b35d9-793a-4b59-be4a-aa662ed7a6cb/favicon.ico?format=100w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/png
access-control-allow-origin: *
etag: COeNlbWvhvYCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 228320
x-served-by: cache-iad-kcgs7200119-IAD, cache-bma1641-BMA
x-cache: HIT, MISS
x-cache-hits: 4, 0
x-timer: S1675018189.857867,VS0,VE91
vary: Accept-Encoding
tracepoint: Fastly
content-length: 1546
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js
151.101.0.238 200 OK 302 B URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js
IP 151.101.0.238:0
File type ASCII text, with very long lines (451), with no line terminators
Hash b3ab45e7fc0bf40bced473fb656724e5
5c5ccd8a141a60b6837a734aaffa77ab48627f40
9256ef531a9572053e4e8e2c683b25402a4767f0c780eaf844f1a3b391e996c4
GET /static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: MDpO4L96/4i8CpWyC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:48 GMT
age: 351167
x-served-by: cache-dfw-kdfw8210096-DFW, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 20973
x-timer: S1675018189.970818,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 302
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=2&k=646866_620cb5860dbe595aa7b49654&ht=tk&h=www.leiaaesthetic.com&f=14032.14038.14034.14033.14039.14035&a=646866&js=1.21.0&app=typekit&e=js&_=1675018197526
23.36.76.122 200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=2&k=646866_620cb5860dbe595aa7b49654&ht=tk&h=www.leiaaesthetic.com&f=14032.14038.14034.14033.14039.14035&a=646866&js=1.21.0&app=typekit&e=js&_=1675018197526
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=2&k=646866_620cb5860dbe595aa7b49654&ht=tk&h=www.leiaaesthetic.com&f=14032.14038.14034.14033.14039.14035&a=646866&js=1.21.0&app=typekit&e=js&_=1675018197526 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Sun, 29 Jan 2023 18:49:49 GMT
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/620cb5860dbe595aa7b49654/40dea6a4-1706-4760-b32b-5e8da9e3a66e/egg-isolated-beige-background_384104-148.jpeg?format=original
151.101.0.238 200 OK 11 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/620cb5860dbe595aa7b49654/40dea6a4-1706-4760-b32b-5e8da9e3a66e/egg-isolated-beige-background_384104-148.jpeg?format=original
IP 151.101.0.238:0
File type JPEG image data, progressive, precision 8, 626x417, components 3\012- data
Hash 6990d83040a1df280fff69f5ae62e6f8
931990c99c4b40ef611c624fcb09c2e0e9ece4c0
ec6d37b3da8d034d5fdc0447d025f5e25022e307d8f43302038d364cdf63c2e6
GET /content/v1/620cb5860dbe595aa7b49654/40dea6a4-1706-4760-b32b-5e8da9e3a66e/egg-isolated-beige-background_384104-148.jpeg?format=original HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/jpeg
access-control-allow-origin: *
etag: CIfSs7nog/YCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:49 GMT
age: 403069
x-served-by: cache-iad-kjyo7100095-IAD, cache-bma1641-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675018189.954475,VS0,VE92
vary: Accept-Encoding
tracepoint: Fastly
content-length: 11044
X-Firefox-Spdy: h2
www.leiaaesthetic.com/api/census/RecordHit
198.49.23.144 200 OK 17 B URL HTTP/2 www.leiaaesthetic.com/api/census/RecordHit
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/RecordHit HTTP/1.1
Host: www.leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-CSRF-Token: BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0
Content-Length: 784
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Cookie: crumb=BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0; ss_cvr=117bac4d-cbf8-4e52-a699-b7799947394f|1675018197403|1675018197403|1675018197403|1; ss_cvt=1675018197403
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 18:49:49 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: ecJgDTJM/WMqChlAO
content-length: 17
X-Firefox-Spdy: h2
www.leiaaesthetic.com/api/census/button-render
198.49.23.144 200 OK 17 B URL HTTP/2 www.leiaaesthetic.com/api/census/button-render
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/button-render HTTP/1.1
Host: www.leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0
Content-Length: 396
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Cookie: crumb=BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0; ss_cvr=117bac4d-cbf8-4e52-a699-b7799947394f|1675018197403|1675018197403|1675018197403|1; ss_cvt=1675018197403
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 18:49:49 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: ecJgDTJM/239Qmm5n
content-length: 17
X-Firefox-Spdy: h2
www.leiaaesthetic.com/api/census/button-render
198.49.23.144 200 OK 17 B URL HTTP/2 www.leiaaesthetic.com/api/census/button-render
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/button-render HTTP/1.1
Host: www.leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0
Content-Length: 397
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Cookie: crumb=BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0; ss_cvr=117bac4d-cbf8-4e52-a699-b7799947394f|1675018197403|1675018197403|1675018197403|1; ss_cvt=1675018197403
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 18:49:49 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: ecJgDTJM/Hljy0zjO
content-length: 17
X-Firefox-Spdy: h2
www.leiaaesthetic.com/api/census/button-render
198.49.23.144 200 OK 17 B URL HTTP/2 www.leiaaesthetic.com/api/census/button-render
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/button-render HTTP/1.1
Host: www.leiaaesthetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0
Content-Length: 402
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Cookie: crumb=BUrp8YgGpOcJYWFhNjdlY2ZjMWRmZjgyNGEwYjc3ZGRiNWY1NGU0; ss_cvr=117bac4d-cbf8-4e52-a699-b7799947394f|1675018197403|1675018197403|1675018197403|1; ss_cvt=1675018197403
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 18:49:49 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: ecJgDTJM/4Nue05lJ
content-length: 17
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-aa081490e226e362278bd-min.en-US.js
151.101.64.237 200 OK 503 B URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/common-aa081490e226e362278bd-min.en-US.js
IP 151.101.64.237:0
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
GET /universal/scripts-compressed/common-aa081490e226e362278bd-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 27 Jan 2024 18:57:04 GMT
last-modified: Fri, 27 Jan 2023 18:44:59 GMT
etag: "144e42de500eea2e00637694d7fb0baa"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 172363
x-served-by: cache-iad-kiad7000173-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 56, 850
x-timer: S1675018188.880374,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 281655
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10100
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:49:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10100
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:49:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10100
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:49:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 75183
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 08:01:17 GMT
age: 38912
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
151.101.64.237 200 OK 12 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
IP 151.101.64.237:0
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 21 Nov 2023 17:23:55 GMT
last-modified: Mon, 21 Nov 2022 16:44:05 GMT
etag: "c790849e8518999c8594a0bbb6597784"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 5966753
x-served-by: cache-iad-kcgs7200082-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 40001
x-timer: S1675018188.885106,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 87950
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 43220
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 79413
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 14041
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js
151.101.64.237 200 OK 0 B URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js
IP 151.101.64.237:0
GET /universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leiaaesthetic.com
Connection: keep-alive
Referer: https://www.leiaaesthetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 27 Jan 2024 18:24:50 GMT
last-modified: Fri, 27 Jan 2023 18:17:27 GMT
etag: "a09ef85e1575fd12d79cb5e99729b89d"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:49:47 GMT
age: 174297
x-served-by: cache-iad-kjyo7100125-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 28, 814
x-timer: S1675018188.890760,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 166440
X-Firefox-Spdy: h2