r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12084
Expires: Thu, 10 Nov 2022 18:34:53 GMT
Date: Thu, 10 Nov 2022 15:13:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6544
Cache-Control: max-age=162402
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:13:29 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 12:20:11 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4625
Expires: Thu, 10 Nov 2022 16:30:34 GMT
Date: Thu, 10 Nov 2022 15:13:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nwxanC+QZgRVZg5ZQgB5wi7FkIbwpp/7IBQ4f+aqFkIeqe8w/2/TMej1r0JmExsFtFgu0XDjO/Q=
x-amz-request-id: 5GQZKBMD378EGVPK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 15:12:11 GMT
age: 78
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
loginadsuscreen38ad60.square.site/
199.34.228.39302 Found 410 B URL HTTP/1.1 loginadsuscreen38ad60.square.site/
IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7efd1784d3c090f7273bc43c997ed725
867b6dfb8510652366cab86ec8209f3066d3d090
0deacc8bd0c720f4765279cc8a54adc7d9a4bcc9b35451cee724edaba5ba22ae
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET / HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 10 Nov 2022 15:13:29 GMT
Location: https://loginadsuscreen38ad60.square.site
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjErb2ltQTJ2c1YwU0xGMmE3dzJGOEE9PSIsInZhbHVlIjoiMVFmQlU2WkVKdE5GVXlvMWUwNlMzSWw0R1BJYmxtZEdkejliXC9jTU45b2lqdE4wXC82KzZMR1F4U05UQU1VaG5vNm8xYjNPeGJmd29GdW9POTFqelpZNzZrdDFybDd1bXNmUHJhUk1QeVFBMVdBcmt0bE51XC9WSWVSTGdUYVZiNUkiLCJtYWMiOiIxNzQxOTQyNDBjYTcxYWYzYzI2Y2Y5MzQ4NjJhODZhZGZlYzc1NjA4ZGUyZjhkMTY1MDkyZjJmOTI4MWRhYWQ2In0%3D; expires=Thu, 24-Nov-2022 15:13:29 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjZKNCt6dmJqa2VqdEsyK0UrZXNhY0E9PSIsInZhbHVlIjoibTJPTkY0QlVobHZUdGdGaGZINzMyZWtBU09MK2dBeU5GNFdGOE9ybDMzbGFQUGR3Zm5pVDl6Y3ZpRWF1NDlOUkRUN3VUb2xhV2dGNEFzb0wyU3JzVlNtWW9jbEcrZ1dLOHFpY2VKNWFXU0RGaXFpUUFLQXIzWUJJQXU3SnhDOXAiLCJtYWMiOiI1ZjliMzQ2YzZmMjBkN2NlNGZjMTEyODczNGIwMDQ5M2I1MDQwOTY3NTI5YzZjMWZjZDEyNzQ0NmFlMTdmMzM1In0%3D; expires=Thu, 24-Nov-2022 15:13:29 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6ImhIdGN2TWdOaUhoanozTXA5dHhnRnc9PSIsInZhbHVlIjoiZnJXN20rcm1TeFhlNmR0aWV4KzREUG1Zd1RTMlJiQ1VRNjNLMlJHcmsrNGdRdUZ6M2xONVwvdnRwNEVsT1JcLzFlbnRxcFgzd1FZSndHTktlQlFxZU0ybVFXa1lwVW1cL2N6SmF4TkZ5SDFEdG93Nm1DSWMrQXNTczJid1VnYXJSeEIiLCJtYWMiOiI4NWIwZTRmMmRkM2NjYjcwOWYyMGU5MzQ2Njc1YzNhOTVkZmEyNGNhMTVhMDQ2NDkyZWM5ZDUyNzBkNTU4NDcxIn0%3D; expires=Thu, 24-Nov-2022 15:13:29 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn134.sf2p.intern.weebly.net
X-Revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
X-Request-ID: be9337009adfa602e2db1893cf0963d8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 15:13:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 7157b570497b279d1e4e6b994d857820
1b6ea45a9dfdb8f7e600680ce2b7d527d0a555a9
87b0a04a89765e5fa1e752643175175bf62d103e0c008bb02f82065b3ee8feaf
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "87B0A04A89765E5FA1E752643175175BF62D103E0C008BB02F82065B3EE8FEAF"
Last-Modified: Thu, 10 Nov 2022 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3089
Expires: Thu, 10 Nov 2022 16:04:58 GMT
Date: Thu, 10 Nov 2022 15:13:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3527
Cache-Control: max-age=154331
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:13:29 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:05:40 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6F0lQgufo+T9EsoGepsJZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u/NqckVqJd80Xi0XLU2pZer32pw=
loginadsuscreen38ad60.square.site/
199.34.228.40200 OK 8.8 kB URL HTTP/1.1 loginadsuscreen38ad60.square.site/
IP 199.34.228.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19658)
Hash 876bf92d729370e6151d66dc8bbcc7d3
4af15f4bbdb9e74779f5444b59be79d1570e8ec8
b646cb266126ee69e00c559db909298dce6ee9f1af4daa889e84b2e46663c1e5
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET / HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 10 Nov 2022 15:13:30 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; expires=Thu, 24-Nov-2022 15:13:30 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9; expires=Thu, 24-Nov-2022 15:13:30 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; expires=Thu, 24-Nov-2022 15:13:30 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu139.sf2p.intern.weebly.net
X-Revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
X-Request-ID: 97f1fb759f82c7fa1ac8749746928ed7
Content-Encoding: gzip
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: a80e6919be55cb6d5160dc63fd6f209d3a8ccad7
x-request-id: 6a2fef8e459a38814de85e0dcfa36c62
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 64111
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1668093211.884006,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 62827
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668093211.884226,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 1701138
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1668093211.889129,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.821fa2841d29b1744cf6.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.821fa2841d29b1744cf6.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (51009)
Hash 9abe82447eb1cba24fe3e7b20d243f80
9dc64c73fce11216b06b6f7be2d07a337596e17f
cde1636994cb7d70d08911e606af9d2e36c38dd191778b2e6fe399cf2d54ef1a
GET /app/website/js/runtime.821fa2841d29b1744cf6.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:13 GMT
x-rgw-object-type: Normal
etag: W/"6b51d7d7f8f931dcd43a5a48fa7048fa"
x-amz-request-id: tx00000000000002d07c8de-00636c1aa9-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.821fa2841d29b1744cf6.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
x-request-id: f7f94c4e8dd4b047cd8d229c14ecf39c
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 64114
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1668093211.892037,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24928
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
151.101.85.46200 OK 151 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151425 bytes)
Hash 614f055b0efefbf483b909e5dd20bd4b
2721e7fe99f743ec65a6782d0778e3a23cb17b5c
f602fdff3225656b0f2b2c829c952f284590b4fa25de447146a9208335a849ea
GET /app/website/js/languages/en.d69f032602a9a8656bf8.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Nov 2022 23:25:35 GMT
x-rgw-object-type: Normal
etag: W/"88da55c6ac5b86a27462f8794b300ba2"
x-amz-request-id: tx0000000000000278488a3-0063644e55-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.d69f032602a9a8656bf8.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5b106465564fd8cfdc25e96fbccd2ff9dcb7a0ec
x-request-id: d06a245b8fc77a19a7522567339564c9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 574959
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668093211.895839,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151425
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 650081
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668093211.897651,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.53f73facd6e1a6ff4aa0.js
151.101.85.46200 OK 620 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/site.53f73facd6e1a6ff4aa0.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50436)
Size 620 kB (619555 bytes)
Hash 381bbe29e5e33c7bc71f6de24f08bec7
bbbefc57158a609b32e6cb4b56f07029c340118f
c378d30145f13473aa1a80be9b82cf2628b53779b2c08bbfd035b2b89c745dd4
GET /app/website/js/site.53f73facd6e1a6ff4aa0.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:13 GMT
x-rgw-object-type: Normal
etag: W/"aed131ca7d403a5cf60232831103e23d"
x-amz-request-id: tx00000000000002dee88f2-00636c1aa2-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.53f73facd6e1a6ff4aa0.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
x-request-id: f0de1df07ef42bbcc9bcb3fe321ec4b9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 64111
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668093211.899128,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 619555
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash 3a64f3355eb7215a8c385b272c6beabf
9655ba00a16cb2946f76bea70f717521ddeb8c5a
f2e0a05790fe581d51a7e7dcc6f4a0c318f6d20ef489d2793ff5647aafdb5a72
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:13:30 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "05FF025D6DDD0C8A6D64B81255C76F37E48D1FC8"
Expires: Fri, 11 Nov 2022 01:00:00 GMT
Last-Modified: Thu, 10 Nov 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2380
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767fbb88ad86b51e-OSL
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.a740dfa509496ebf5542a3af88f41b43.js
151.101.85.46200 OK 3.5 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.a740dfa509496ebf5542a3af88f41b43.js
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (16751), with no line terminators
Hash 92e04c847891c2743ac6cc6f3385feec
715d4e2b6f696c6676114fffa86dfeed96723325
f49b3fbfaafde43b998c85bc29cbb6d506f8c0dac07e57680b1e187819e04926
GET /app/checkout/assets/checkout/imports.en.a740dfa509496ebf5542a3af88f41b43.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loginadsuscreen38ad60.square.site/
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 23:25:37 GMT
x-rgw-object-type: Normal
etag: W/"a740dfa509496ebf5542a3af88f41b43"
x-amz-request-id: tx00000000000002dfabe8e-00636c3796-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.a740dfa509496ebf5542a3af88f41b43.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 56673
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1668093211.988659,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3549
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
151.101.85.46200 OK 325 B URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (1611), with no line terminators
Hash be5c6eec9cf3e92f8df759e392e01209
e0bff726136f738e6a1fe3e991d9a64dcf46d23a
e630015425b5298e0f7db7e397850913ea94d317beba50978a9df8e8364334ae
GET /app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loginadsuscreen38ad60.square.site/
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
last-modified: Mon, 07 Nov 2022 22:17:43 GMT
etag: W/"63698407-64b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
via: 1.1 varnish
age: 227778
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1668093211.989248,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7472
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 15:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7472
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 15:13:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kZPJ95WwFXhxoBwZIeTN2iRl3-XFPmooKSeFtLu3wIm4b8nabFY2mA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:29 GMT
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
age: 62822
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc04eddc597d6b10db5d59c53f20aec
dddc0da13526d24aaea990cc1d68d9212612da43
a7e2d1fd141c4383de3411be95b8875c9d969d5f001020793a2b4d939aaa780b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12268
x-amzn-requestid: cd9ea4f7-9a75-47b4-a0ad-817c821a592e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpZHbBIAMFfUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca2-69a98f453929cc817bead2c7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xq1vIovXXR0pPaaHjKWeLcZszoEkISrYvqKvshtQ9dFTf6CUwxmIWA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 62877
etag: "dddc0da13526d24aaea990cc1d68d9212612da43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7af9a4c649c9ff2f48006dffde7fe73
a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae
1ccf9503c2ecaeb6f64a8e4194575908ca8746c69bf2b6fb1a6a59cf2408dc2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11722
x-amzn-requestid: bdba30aa-7c54-4163-8c09-e2c8948bba5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlomHKfoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9d-0497f5bc1d5c2fab268fb451;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GK6WMqg_ip9Lcv1UYCQMfdXqRsoxYKhv2fIaqz5tUx_HHw0Cv99Hcg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:11 GMT
age: 62600
etag: "a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 62877
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:58:41 GMT
age: 62090
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y9jHtcAFR3KyG8gWBDJ13rjekqGz6dUoqn0d_yHYW9beFkeCGSxbsA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:51:10 GMT
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
age: 62541
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 5fd1a0370030e26cd68d4850edb8b1c2
8c6ca8901825121d71e2c58a8857df1c812dd0c3
13560240c37855238160e38cc4ecc2c4867497cc5e5638e029bca66bde4ceced
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97874
Date: Thu, 10 Nov 2022 15:13:31 GMT
Etag: "636be6b6-1d7"
Expires: Fri, 11 Nov 2022 18:24:45 GMT
Last-Modified: Wed, 09 Nov 2022 17:43:18 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4xOb03RO8yAjwdpaEkKxFkH1PSk1o9symsXcobQAd0NhdtiyNYQmXQ==
Age: 2487
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 5fd1a0370030e26cd68d4850edb8b1c2
8c6ca8901825121d71e2c58a8857df1c812dd0c3
13560240c37855238160e38cc4ecc2c4867497cc5e5638e029bca66bde4ceced
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101515
Date: Thu, 10 Nov 2022 15:13:31 GMT
Etag: "636be6b6-1d7"
Expires: Fri, 11 Nov 2022 19:25:26 GMT
Last-Modified: Wed, 09 Nov 2022 17:43:18 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HhJNww3iP9u7LFCldF0i69I8IjVSd0dC1A5OVOlJVwQamjAeoa7WWg==
Age: 6128
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://loginadsuscreen38ad60.square.site/
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:13:31 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://loginadsuscreen38ad60.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://loginadsuscreen38ad60.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://loginadsuscreen38ad60.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 15:13:31 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://loginadsuscreen38ad60.square.site
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.40200 OK 894 B URL HTTP/1.1 loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash e081c2199cf725707a34f8cc383ae8a4
2cad985085f34e2e8f59ba4324e45083bf61628d
47ab093e387d66fbe9365ebe4c7f55a94dd818e1e4ddd02e1a212aaf601dec0b
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9
Content-Length: 78
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093207.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:13:31 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn85.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1952
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:13:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=cdf7d7d1-c3f6-46d2-b632-b50632531b14; Expires=Fri, 10 Nov 2023 15:13:31 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://loginadsuscreen38ad60.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
loginadsuscreen38ad60.square.site/uploads/b/f12e7020-606a-11ed-bfc5-b5942332a5f2/icon_180x180_ios_MjIxMz.png?width=180
199.34.228.40200 OK 1.2 kB URL HTTP/1.1 loginadsuscreen38ad60.square.site/uploads/b/f12e7020-606a-11ed-bfc5-b5942332a5f2/icon_180x180_ios_MjIxMz.png?width=180
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1fa1baa5cdf663a450f792f474554abb
8c3785d966edc223aeb81d3466b708774c03baa0
2b8ab5a958501c917206f247841e19baff5643013591e8ed74fd40a63547678d
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /uploads/b/f12e7020-606a-11ed-bfc5-b5942332a5f2/icon_180x180_ios_MjIxMz.png?width=180 HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093207.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 15:13:32 GMT
Content-Type: image/webp
Content-Length: 1196
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "XsTLQJ9LtXyrv0GKeDZfkFravvqMvz5Qd7Ku9oSX41I"
Fastly-Io-Info: ifsz=2060 idim=180x180 ifmt=png ofsz=1196 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000002d9cb182-00636d0418-c67eadd-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z5210
X-Storage-Object: 52106c6e00fd411a769064c9c0c18ef6d60a78a9719c491da1bf689e6691f150
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 3130
X-Served-By: cache-sjc10038-SJC, cache-pao17422-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1668093212.235433,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu76.sf2p.intern.weebly.net
loginadsuscreen38ad60.square.site/app/website/cms/api/v1/users/143801093/customers/coordinates
199.34.228.40200 OK 70 B URL HTTP/1.1 loginadsuscreen38ad60.square.site/app/website/cms/api/v1/users/143801093/customers/coordinates
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /app/website/cms/api/v1/users/143801093/customers/coordinates HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093207.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 10 Nov 2022 15:13:32 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6ImRycmlyV0hMMVI1SDdsWnV1V0UyUHc9PSIsInZhbHVlIjoiU0p0MlltOUp1R291Zlo5emZsbWg4ZE5ZVmd5RmJVTjdMa24zQlwvZWJwM01FbDhPZk1FdkVXdEVib0xndDJ0XC80NWw4N2dPcVB6Z2x0V254NXd2T25KZ2piSmdxV0lIeWRHNkxuT2NNbEJ2WlNrY2hsWDdoOW9PU1ZVYjFVRVFkUiIsIm1hYyI6IjQwODM5YzFjZTU4YmI0MTYxNWViYmRlZmI1Nzc4Njk1MDQ0ODY4MDM5ZGIxNTJlNTQwZTE1YzQxYTBhNjQ4ZDAifQ%3D%3D; expires=Thu, 24-Nov-2022 15:13:32 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9; expires=Thu, 24-Nov-2022 15:13:32 GMT; Max-Age=1209600; path=/
X-Host: blu42.sf2p.intern.weebly.net
X-Revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
X-Request-ID: 375117c3c89c6693146b921f4f00fe4e
Content-Encoding: gzip
loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.40200 OK 201 B URL HTTP/1.1 loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9
Content-Length: 83
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093207.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:13:32 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn125.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
cdn5.editmysite.com/app/store/api/v23/editor/users/143801093/sites/270864070205183307/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.85.46200 OK 1.3 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/143801093/sites/270864070205183307/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (3729), with no line terminators
Hash b6c12f011f6e224c981b8f411530a289
06ec8bbec6743dd200342a73b8fd6a031a76d265
67625731e5070d9e2e0d7feb2cc0685f354fe9cad90c7e44c61d330123de5585
GET /app/store/api/v23/editor/users/143801093/sites/270864070205183307/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"e98f866e7e93d1420bd6fdd4fef50ab2"
access-control-allow-methods: GET, HEAD
fullcache: m
x-revision: c8a52f2bc42159bcc3dd2dbff8d52aaf0736030a
x-request-id: a9d5bfaa9dc23c9230dc80dcc1efab52
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:32 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668093212.377346,VS0,VE270
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1338
X-Firefox-Spdy: h2
loginadsuscreen38ad60.square.site/square.ico
199.34.228.40200 OK 6.5 kB URL HTTP/1.1 loginadsuscreen38ad60.square.site/square.ico
IP 199.34.228.40:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /square.ico HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IlwvYms5bHpVbnpiWUQyMUtHT0tsc1hnPT0iLCJ2YWx1ZSI6Ikdkb0FhenZJQzd3dzNZMEpFTzdlTHE3M1lnRytkQXNqaW9hMWZZSzV5djhQdFAwRmcrOCtTYXRRRHZmSDVEWGgrSFFlcGpLM1NyeVBCaFM4TlREMWNQOFJ0M1pRa2x4Y2dZczRyOXErNW9kT2VyVXF1dXZuK0RWZXQ1VTFZZXhBIiwibWFjIjoiNzQwZGVjYzhiNWIxMDg3NjU5MjcwOGFhZjU3YzhjNmU2ZjEwMjEyZWU2OGYzYzNmNmM3ZTYxNjMxMmY5NjQ3ZCJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093207.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 15:13:32 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001ac6ae5-00628473fa-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu142.sf2p.intern.weebly.net
X-Revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
X-Request-ID: e7391cfe228205601bf67e19cdb8ef8b
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2392
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: sp=cdf7d7d1-c3f6-46d2-b632-b50632531b14
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:13:32 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=cdf7d7d1-c3f6-46d2-b632-b50632531b14; Expires=Fri, 10 Nov 2023 15:13:32 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://loginadsuscreen38ad60.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ebe6e6121fb51729e2663a5890ba1e36
daeeda991c31af1364d633739bfd70ebab8c7d4c
68fad581d49d2ee5855dd579dc1676dae9ff9880ccc21225c50bc3853f4b14a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5102
Cache-Control: max-age=150489
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 15:13:33 GMT
Etag: "636caa08-1d7"
Expires: Sat, 12 Nov 2022 09:01:42 GMT
Last-Modified: Thu, 10 Nov 2022 07:36:40 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1851
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: sp=cdf7d7d1-c3f6-46d2-b632-b50632531b14
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 15:13:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=cdf7d7d1-c3f6-46d2-b632-b50632531b14; Expires=Fri, 10 Nov 2023 15:13:33 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://loginadsuscreen38ad60.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.40200 OK 182 B URL HTTP/1.1 loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9
Content-Length: 89
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093209.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556; websitespring-xsrf=eyJpdiI6ImRycmlyV0hMMVI1SDdsWnV1V0UyUHc9PSIsInZhbHVlIjoiU0p0MlltOUp1R291Zlo5emZsbWg4ZE5ZVmd5RmJVTjdMa24zQlwvZWJwM01FbDhPZk1FdkVXdEVib0xndDJ0XC80NWw4N2dPcVB6Z2x0V254NXd2T25KZ2piSmdxV0lIeWRHNkxuT2NNbEJ2WlNrY2hsWDdoOW9PU1ZVYjFVRVFkUiIsIm1hYyI6IjQwODM5YzFjZTU4YmI0MTYxNWViYmRlZmI1Nzc4Njk1MDQ0ODY4MDM5ZGIxNTJlNTQwZTE1YzQxYTBhNjQ4ZDAifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:13:33 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu81.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
loginadsuscreen38ad60.square.site/uploads/b/484b1f92104ad47e16830bc4f66dc172bbd0ee1be019dd8238d454d52e8486c2/att%20g_1668025075.png?width=400
199.34.228.40200 OK 3.6 kB URL HTTP/1.1 loginadsuscreen38ad60.square.site/uploads/b/484b1f92104ad47e16830bc4f66dc172bbd0ee1be019dd8238d454d52e8486c2/att%20g_1668025075.png?width=400
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5e34d4a472aa1de22a69cf21aa12dccb
84448dc2a0891b9667a1bc3a3dd8f96c633db089
173adf59c49cb4546d4ee4f5b79a1123830853638c84e0d16872bcbbfe464d4f
GET /uploads/b/484b1f92104ad47e16830bc4f66dc172bbd0ee1be019dd8238d454d52e8486c2/att%20g_1668025075.png?width=400 HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093209.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556; websitespring-xsrf=eyJpdiI6ImRycmlyV0hMMVI1SDdsWnV1V0UyUHc9PSIsInZhbHVlIjoiU0p0MlltOUp1R291Zlo5emZsbWg4ZE5ZVmd5RmJVTjdMa24zQlwvZWJwM01FbDhPZk1FdkVXdEVib0xndDJ0XC80NWw4N2dPcVB6Z2x0V254NXd2T25KZ2piSmdxV0lIeWRHNkxuT2NNbEJ2WlNrY2hsWDdoOW9PU1ZVYjFVRVFkUiIsIm1hYyI6IjQwODM5YzFjZTU4YmI0MTYxNWViYmRlZmI1Nzc4Njk1MDQ0ODY4MDM5ZGIxNTJlNTQwZTE1YzQxYTBhNjQ4ZDAifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 15:13:33 GMT
Content-Type: image/webp
Content-Length: 3580
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "TZl/gZOnHgTmakCcYpFtwEGgq3mDcCFFWGgUbyjsMP8"
Fastly-Io-Info: ifsz=4562 idim=350x144 ifmt=png ofsz=3580 odim=350x144 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000023fba258-0062fa525d-c03521c-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z288e
X-Storage-Object: 288edb7129b8e3fbf69bf52491fc22aaea4a2b4161cf1916033dc2e461b62551
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 3130
X-Served-By: cache-sjc10083-SJC, cache-pao17454-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1668093213.114542,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu76.sf2p.intern.weebly.net
loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.40200 OK 79 B URL HTTP/1.1 loginadsuscreen38ad60.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9
Content-Length: 77
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093209.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556; websitespring-xsrf=eyJpdiI6ImRycmlyV0hMMVI1SDdsWnV1V0UyUHc9PSIsInZhbHVlIjoiU0p0MlltOUp1R291Zlo5emZsbWg4ZE5ZVmd5RmJVTjdMa24zQlwvZWJwM01FbDhPZk1FdkVXdEVib0xndDJ0XC80NWw4N2dPcVB6Z2x0V254NXd2T25KZ2piSmdxV0lIeWRHNkxuT2NNbEJ2WlNrY2hsWDdoOW9PU1ZVYjFVRVFkUiIsIm1hYyI6IjQwODM5YzFjZTU4YmI0MTYxNWViYmRlZmI1Nzc4Njk1MDQ0ODY4MDM5ZGIxNTJlNTQwZTE1YzQxYTBhNjQ4ZDAifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 15:13:33 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn69.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-09db0b9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=2c65565c-bdc5-435b-bedc-a6f53f356af9&batch_time=1668093208920
3.233.153.128202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-09db0b9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=2c65565c-bdc5-435b-bedc-a6f53f356af9&batch_time=1668093208920
IP 3.233.153.128:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2c77f81b516078bf101349442fe4ce3f
c946170792d6b1b4d07d00c4df1dd320df0e128c
0eb6d6e348aaa70480da038eaba8ebf588b2445718973c100e0632f6327b29b2
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-09db0b9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=2c65565c-bdc5-435b-bedc-a6f53f356af9&batch_time=1668093208920 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15909
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 10 Nov 2022 15:13:33 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-09db0b9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=5041e2ee-f3ae-44d4-bc86-c6d1dab66578&batch_time=1668093209082
3.233.153.128202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-09db0b9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=5041e2ee-f3ae-44d4-bc86-c6d1dab66578&batch_time=1668093209082
IP 3.233.153.128:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8309e5b1135aeebf897719c0246dc305
2fa4df4c5b03572c6d0e84a556cbc8b8a776c485
6d8bf10ffc58829224a4fbb35e9143acbe7bf662ef1daf098c8497606ae73248
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-09db0b9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=5041e2ee-f3ae-44d4-bc86-c6d1dab66578&batch_time=1668093209082 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15975
Origin: https://loginadsuscreen38ad60.square.site
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 10 Nov 2022 15:13:33 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
loginadsuscreen38ad60.square.site/app/website/square.ico
199.34.228.40200 OK 6.5 kB URL HTTP/1.1 loginadsuscreen38ad60.square.site/app/website/square.ico
IP 199.34.228.40:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /app/website/square.ico HTTP/1.1
Host: loginadsuscreen38ad60.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6ImVjbktZY2l4dkUrZWFpS09zUmJneVE9PSIsInZhbHVlIjoianJTOFF5cTYwMkx3bTZZWkpDZ0Nzak1WdUdxSmx1cE1aRHNxanFpb0FCek4xT215bklvaE1lQmN4OGp0SmFLSjJmZDE0XC9DR0dhSzV4d1F6eVVQbUdVUktWSHM2aWVGcUEyZnNOb1JOVXc3aEJ4eXBcL1BFUjZEN0dSN0NzeGVzQyIsIm1hYyI6IjlkMjk4Y2UwOGQ4OGJlMjVmN2M1NWEwODhlZmVmMDk3ODE0OTQzNGFiOGZkNWI0NDI2MjU1NTdjZTI5NjYwMGYifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IllpOVFqSFpNUEdncllIT1Y5T1N6UHc9PSIsInZhbHVlIjoidTE2NFRzRDNlb0N3WFR0K3RqNUtaTVNIVkYzaW0wSlJvcUdHcWVFYzRQSWNsSm1UTHNoVXFmR0VLTXM2eHFXK1wvZWt5STQ3eVp3T3pCK1NKN2wzTnFKTk1qT1RrSnkxcnc4Y1JtazBrQWhYbE1xTzc0amNCUkVFWGtRUVRqTzFXIiwibWFjIjoiZTgyYTliYzUzYmJiMWEyNTBkNGUxN2VlOGZiOWIxYWMyOGQ0ZWVlZDRhNGI4YzU3NDA1YTFkMjRlYWMyODM3YyJ9; PublishedSiteSession=eyJpdiI6Im82MmM0MkRGVnF6Wm1Fd2swSSt0cWc9PSIsInZhbHVlIjoiWFFSSjFWb0taaURVZ1NwZVlZSGxhcTQxTU1TaEE4bEk1ajdzU3pNdVVxREdJeSszVXE0K1hkUHpTNW1hejhUZ1NWdkRxaDNGN2poTnJGTURSTEw2dzFFWlY2cnRcLzZBWmpZVHRLS0V1WkN5VkxKOTlSXC9yODhMSUNlRjdSVlY0WSIsIm1hYyI6Ijg0YmZjM2FjOTQ2MjFkYTAwMDA4OGY2ZjMyZDNmZjI3MjM1Y2VhNGRjNTU1NjE2NmZjODAyN2U2YTk0ZDZhNGMifQ%3D%3D; _snow_ses.1c6f=*; _snow_id.1c6f=c92292cb-5b1a-4e37-bdab-1aadc6868caa.1668093207.1.1668093209.1668093207.a919dc25-ef43-4207-aecd-c30ce8e5513b; _dd_s=rum=1&id=7d2f8d32-b1e5-4471-937c-f568cfd3808f&created=1668093207556&expire=1668094107556; websitespring-xsrf=eyJpdiI6ImRycmlyV0hMMVI1SDdsWnV1V0UyUHc9PSIsInZhbHVlIjoiU0p0MlltOUp1R291Zlo5emZsbWg4ZE5ZVmd5RmJVTjdMa24zQlwvZWJwM01FbDhPZk1FdkVXdEVib0xndDJ0XC80NWw4N2dPcVB6Z2x0V254NXd2T25KZ2piSmdxV0lIeWRHNkxuT2NNbEJ2WlNrY2hsWDdoOW9PU1ZVYjFVRVFkUiIsIm1hYyI6IjQwODM5YzFjZTU4YmI0MTYxNWViYmRlZmI1Nzc4Njk1MDQ0ODY4MDM5ZGIxNTJlNTQwZTE1YzQxYTBhNjQ4ZDAifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 15:13:33 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001aa728b-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu122.sf2p.intern.weebly.net
X-Revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
X-Request-ID: ae49f3e199ccec1e19a075c276b6f8ba
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2917b487c605eb7f53d20ff3b4fbfef0
5dd8989fb1129638361c16ad2a1fde93a4c4aafd
aaf620d791f23829e15a454b3faf5b47a0f00ff37ada91d6de5c62c322fe90ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c73f10e-9c01-44bd-95d2-c18ba845fe07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 1374243f-4fd8-4405-8f8a-946a8f92c457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniEw2oAMFtfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-195c58a826eae13b58d21aa0;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MfDIK2PCS_o7UuNXVSNOb3YbR_P8vlF7xw75qf8WdbjRr8hzCVYu6A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 62830
etag: "5dd8989fb1129638361c16ad2a1fde93a4c4aafd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 0 B URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://loginadsuscreen38ad60.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 00:31:12 GMT
etag: "636af4d0-124fe"
expires: Thu, 24 Nov 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn91.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 10 Nov 2022 15:13:30 GMT
age: 23689
x-served-by: cache-sjc10061-SJC, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 499
x-timer: S1668093211.899832,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2