r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6694
Expires: Sun, 27 Nov 2022 09:04:05 GMT
Date: Sun, 27 Nov 2022 07:12:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4038
Cache-Control: max-age=102355
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:12:31 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:38:26 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 06:17:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3295
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13619
Expires: Sun, 27 Nov 2022 10:59:30 GMT
Date: Sun, 27 Nov 2022 07:12:31 GMT
Connection: keep-alive
mail-109965.square.site/
199.34.228.39302 Found 370 B IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a07f46fe836545cf2e3a993375c05991
c0425ac65325c7a18548fd09f09aca8a0863fdf8
f18a082de45bfe730adad53c7c35adba9889cd68539adacce0c599c6c646a997
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET / HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sun, 27 Nov 2022 07:12:31 GMT
Location: https://mail-109965.square.site
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjN1K29rZlwvd3d5aUJ0SWN6TFVyWTVRPT0iLCJ2YWx1ZSI6InRTbDdVOTJ4TE1Zclh2SExIMzBqNnhHTmpTR1krZm5XNkMxRUxxUHA2bm4xXC8yR2tPQmRLS1g2TnU5c3lGYnR2WlFYUUdQTnNPK1wvZEkyQURmUWE4MnEyVDBncUNSblMwQmd3NklGY2NrM2VEYTNGK3ZEdUtxRWdqcnM0XC9zNGE5IiwibWFjIjoiZTQ2MjUyMGM1Y2Q1OTJkOTJjYzRkZWJkNTE1N2JkN2NkNDZlMGZhMWE3ZDUwODA5NzlhNDM0ZDQ3ZmY3N2NjNyJ9; expires=Sun, 11-Dec-2022 07:12:31 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IkFIMk5YVm1MSllJOVRraytpVHB3RlE9PSIsInZhbHVlIjoiYlFnRHNyVFdHU0NaMHFtYXlpbHJybkdBVU5NWWRPRXRiWjdpUDdnQnRSMnlheGRHakdVWXhja2FVbGNyMzBsYWQ0ZDBNYkFZTGVuelNGZGlxKyt2cGVhNFRwWWdVelA4XC9yYWlFbkh1ekR2Q08xWWNHbUtsWDM5ZDRFYWVhaHo4IiwibWFjIjoiN2U4MmRkOTliYjkxZmZkZTNlMTQyNTJlYzk2Y2VlNmRlYzUyZmRkYTljYWIxN2VkNmIzMWQ3NmY5Njk0ODI2ZCJ9; expires=Sun, 11-Dec-2022 07:12:31 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IlwvUjlST2ZtOVcyWWNLK3R0RzVyRzdBPT0iLCJ2YWx1ZSI6ImdWWGxcL0hqWlF5YW5lNllHT1pcLzVRNGZJdHFmZU5oNUtyXC9HQ21lRWRcL3ZjdWtNRUlFM1ZJMVVYbjQxQ0o2TExhUWJKSFVPUHVKU0hcLzNxdFBVdEJXeGlRT2JBUWkrMWpwMERsd2U4YkZ6U3NsV1orUFRPa2syWUlIdldWQUJpekUiLCJtYWMiOiJlMDhiMmIwNWUzMDdkY2E0YTJmODk3YThiYTYwNDYyMWNkMjk1NDRhZGEyZmIxOTdjNzM3MTYwZDFhNmM2NTc4In0%3D; expires=Sun, 11-Dec-2022 07:12:31 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu79.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 966dd7f604655d247455e86c67ce347b
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CcwUjnyr/KqUQZl9ynIXtbBPuVDrN1kZvib3YTnoT4EZfwb/ZbTZl7ol27omjVSEKkbacUIRIDc=
x-amz-request-id: 77ZCNNCJA0VYYBRJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 06:44:32 GMT
age: 1679
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:12:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 07:08:54 GMT
cache-control: public,max-age=3600
age: 218
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash fb70f93a930a515e710c906d7694b8a6
0ebbab2902243f75f8b84390528e1b72475b4bad
bdbfdd6e6623d96c3340a0f021e19ebe3c3fffb1bd974663ba1ae2af44569b16
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "BDBFDD6E6623D96C3340A0F021E19EBE3C3FFFB1BD974663BA1AE2AF44569B16"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3542
Expires: Sun, 27 Nov 2022 08:11:34 GMT
Date: Sun, 27 Nov 2022 07:12:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4633
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:12:32 GMT
Last-Modified: Sun, 27 Nov 2022 05:55:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
mail-109965.square.site/
199.34.228.40200 OK 9.3 kB IP 199.34.228.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20702)
Hash 566eb762ecb05d336328a72c643d6808
fb96e2b41e3a66ea1b7b68e4c75683657b2aa72a
67ac1bd1f9bd954d6d868d038b1d66c7ada66d498f93b25f3e584c246e19274a
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET / HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sun, 27 Nov 2022 07:12:32 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; expires=Sun, 11-Dec-2022 07:12:32 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ%3D%3D; expires=Sun, 11-Dec-2022 07:12:32 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; expires=Sun, 11-Dec-2022 07:12:32 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn138.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 461e46df441e9e1f9d46f4df43cf4362
Content-Encoding: gzip
push.services.mozilla.com/
52.39.94.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.94.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q46DZbT/igMKE0t8EtAx1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /AgZrmZLDjdU/m+db7GIvm3630A=
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 18:03:15 GMT
etag: "637e6063-124fe"
expires: Thu, 08 Dec 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
age: 254031
x-served-by: cache-sjc10061-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 2572
x-timer: S1669533153.749001,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 64414abb58e4acfdd0b6e55daa9d9489195edb4b
x-request-id: 463ecf92fd5e50a7617749451e59789e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 1067310
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 11
x-timer: S1669533153.749174,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 1502768
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 14
x-timer: S1669533153.749441,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 1057891
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 16
x-timer: S1669533153.754256,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 2090023
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 13
x-timer: S1669533153.754167,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.804692d3761600aae434.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.804692d3761600aae434.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50950)
Hash 3b60093f03d45e216f18b8d318e7d871
a6ce580f9ba25ef9188a8b88442da334336f27d7
179c3ed055b4d6728fcbb6d9ec17527d89711987880c89b1b34492b5d9c5034e
GET /app/website/js/runtime.804692d3761600aae434.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 21:36:59 GMT
x-rgw-object-type: Normal
etag: W/"80770f38983ca9114298689b2f771c1b"
x-amz-request-id: tx000000000000036fcbdf8-00637d4153-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.804692d3761600aae434.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
x-request-id: de66cf5ce4d828ffa86ec169d38f2186
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 379915
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 14
x-timer: S1669533153.754166,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24966
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.8f328ad98fec9cda5623.js
151.101.85.46200 OK 624 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/site.8f328ad98fec9cda5623.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50430)
Size 624 kB (623975 bytes)
Hash 535be035beccab2e29f494729228dc4b
d60eb0034b5f3a2b4a005070bee9507a5ee14746
541c8ccb46b1adbecbe40ddf1d075ba17b530a233a8cfd5413c3da9a2c8bc73e
GET /app/website/js/site.8f328ad98fec9cda5623.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 21:36:59 GMT
x-rgw-object-type: Normal
etag: W/"359b11869f7a104316adf383efc5bdee"
x-amz-request-id: tx0000000000000384172d7-00637d4150-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.8f328ad98fec9cda5623.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
x-request-id: bf29b9340fd9be23a5d7dec7795fbd26
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 379916
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669533153.756060,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 623975
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 08088e9c1b319fbb8bb41df2e3c31d6a
c6f77015a289945b0c7dde112a9e611458c086a3
8ee83fd81a28a3bd4be642c083fde29f9893c731ee6ce81f9a97ddc0c35a8e67
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:12:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "32FA54D2FD5554AAFE21CADFF37B072B022AB404"
Expires: Sun, 27 Nov 2022 18:00:00 GMT
Last-Modified: Sun, 27 Nov 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2931
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77090e5d6cff0b3d-OSL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 08088e9c1b319fbb8bb41df2e3c31d6a
c6f77015a289945b0c7dde112a9e611458c086a3
8ee83fd81a28a3bd4be642c083fde29f9893c731ee6ce81f9a97ddc0c35a8e67
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:12:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "32FA54D2FD5554AAFE21CADFF37B072B022AB404"
Expires: Sun, 27 Nov 2022 18:00:00 GMT
Last-Modified: Sun, 27 Nov 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2931
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77090e5d6e2ab511-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 55db134ccf69f19e5e47d0f5928b1ec0
2842af28b529a888b2ecf320276d36b45d2beac8
6a6d105bb385d753e9bcb6db819e1faef1d58ce7a1794e2374453bc0ae86bbb0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126822
Date: Sun, 27 Nov 2022 07:12:33 GMT
Etag: "63825023-1d7"
Expires: Mon, 28 Nov 2022 18:26:15 GMT
Last-Modified: Sat, 26 Nov 2022 17:42:59 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WmqjlDIbLKzhh11bhd29RSkZJU7Zrf7OY6N0B_WXMsgpioyFL_srEw==
Age: 2596
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 55db134ccf69f19e5e47d0f5928b1ec0
2842af28b529a888b2ecf320276d36b45d2beac8
6a6d105bb385d753e9bcb6db819e1faef1d58ce7a1794e2374453bc0ae86bbb0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128572
Date: Sun, 27 Nov 2022 07:12:33 GMT
Etag: "63825023-1d7"
Expires: Mon, 28 Nov 2022 18:55:25 GMT
Last-Modified: Sat, 26 Nov 2022 17:42:59 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qxw5y4ht_wSUEw2EWRo5lZO6rBamJkAfyPKbfI56Di3yb6mccstT1Q==
Age: 4346
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mail-109965.square.site/
Origin: https://mail-109965.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:12:33 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://mail-109965.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1942
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:12:33 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=aeec8e4c-eefb-4833-be10-b5ae3ef49127; Expires=Mon, 27 Nov 2023 07:12:33 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://mail-109965.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-109965.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://mail-109965.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:12:33 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://mail-109965.square.site
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13997
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:12:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13997
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:12:33 GMT
Connection: keep-alive
mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.40200 OK 894 B URL HTTP/1.1 mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash 78914922f142cb8f52fa654c3a72f0dd
9d12bf6efcd235605a22241a428a5bcafda22c71
accfa5a4d41dac425a5f602ff9ee74ccb0aaeb8a0d040e892779a08be3df8dd7
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ==
Content-Length: 78
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533153.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:12:33 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu49.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13997
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:12:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13997
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:12:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 34219
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc51742200b699c93a6ede66c7997d2a
1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6
a7cc50883ac1a59fc14f0467551dec16cef3b033df599b23916427c5e42be1aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: 8aaa302d-30b2-4fb0-aafe-e63f3d9bf680
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCSogEkHIAMFtxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d97cf-660d88387db5e9a145718d46;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:47:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZhJ2zj6Ca5gubdHU0DyM-doTvt2pU38IBKx_vLKtDdN2G8VUW-fg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 19:43:10 GMT
age: 41363
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 34219
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 514b4077fad50ba782e4bbb2c95c6852
4770f56d4d9489df43f33952e4bfa84d8e46414e
a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4374
x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGB7uFWJIAMFfTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6XMNeYqDwM9yHZf1rkBRhZ6k_iZE92MWKavu0vlQnT2jZ--tswQwWw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:07:11 GMT
age: 322
etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: 4e2c72af-2cce-4740-9962-6a7f9e217272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_cVCHwEoAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7420-51c2e04b4fae5b576a679db5;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:02:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZTk5ONMhQB66WF0VWIRmlTOdzEJO-NJVl4TCibzbH2fZXY_9Mx9kQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 18:42:19 GMT
age: 45014
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
age: 34219
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail-109965.square.site/uploads/b/cd2f16d0-6ca0-11ed-96d0-45e4266d864f/icon_180x180_ios_Mjk2MT.png?width=180
199.34.228.40200 OK 486 B URL HTTP/1.1 mail-109965.square.site/uploads/b/cd2f16d0-6ca0-11ed-96d0-45e4266d864f/icon_180x180_ios_Mjk2MT.png?width=180
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 647b1a5e193154587793e700deedd475
96c559ccb31f2bc66416db9ddf1ab6f744d604b8
2b91d08dcca93d5a9b0ba7e947e6b4a370a4521ccfd8ac553b0f36707a947278
GET /uploads/b/cd2f16d0-6ca0-11ed-96d0-45e4266d864f/icon_180x180_ios_Mjk2MT.png?width=180 HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533153.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:12:34 GMT
Content-Type: image/webp
Content-Length: 486
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "jk70ZGrsvleVTgNDcXWm7nQsPBubfTuHeckrVGrZ2es"
Fastly-Io-Info: ifsz=997 idim=180x180 ifmt=png ofsz=486 odim=180x180 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=2103 cr=2.05
X-Amz-Request-Id: tx00000000000003b282468-00638306a8-c699baa-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zb111
X-Storage-Object: b111151e033920c775b2ac184db63070474c040c51844f3d6968a5e5f493df52
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10020-SJC, cache-pao17456-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1669533154.100773,VS0,VE11
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn148.sf2p.intern.weebly.net
mail-109965.square.site/app/website/cms/api/v1/users/143978272/customers/coordinates
199.34.228.40200 OK 70 B URL HTTP/1.1 mail-109965.square.site/app/website/cms/api/v1/users/143978272/customers/coordinates
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET /app/website/cms/api/v1/users/143978272/customers/coordinates HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ==
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533153.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sun, 27 Nov 2022 07:12:34 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6InFHXC9RdEF0NjhndFwvdUFQM2pXR2xDZz09IiwidmFsdWUiOiIzMStITWdvbllGQUtJMk1LVjZvaExiNnVTRHArWGdPdTI3RFZXa1JucXY1RlIwUjRrM2ROSk1FbFwva0NRN1VaK3V2RUt2YWpTQmFzSFBmTmlDVVJ5dXVRT004RGxOUE92R2dJQXduTzFvdXJVZGUwQm12RG1sajV2U3hubXV2dUkiLCJtYWMiOiI1MDViNTQ4Mzg1NDJhMzcyNzdlN2I4ODkzOWU5MGRjNTU5Mzg0NWI0OGI4MWExY2RlMGI5Y2Q3Y2Y0NDljODY4In0%3D; expires=Sun, 11-Dec-2022 07:12:34 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9; expires=Sun, 11-Dec-2022 07:12:34 GMT; Max-Age=1209600; path=/
X-Host: blu149.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 93e5cfbb276b1a3e818bf21de5953db7
Content-Encoding: gzip
mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.40200 OK 201 B URL HTTP/1.1 mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ==
Content-Length: 83
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533153.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:12:34 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn86.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
mail-109965.square.site/square.ico
199.34.228.40200 OK 6.5 kB URL HTTP/1.1 mail-109965.square.site/square.ico
IP 199.34.228.40:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET /square.ico HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6IjV2TXk2YkJEOHkyT0dhbUlDYUg2NGc9PSIsInZhbHVlIjoiSWNteG1MZWRucDA0U0NaallYTkQyQ251QmRsT254UXJaSHQwU3pYQmg3WFBvd2FZM1FrVlVwR3Vsa09KMFhcL3dkOHM2aUpzTkFPWTFnalFmdk5yTFZNdnlQXC9mcmZZcGpNNHRDOU15RktBN3dmczhWc2JkTGVXZFFxWG1RelZ2biIsIm1hYyI6IjRlNWNmZTZmMzBiZDJlZTU5ZDAxODExZTcyMzRlNjViMGNkNTQ1YjczZDY2MWQzMDc1MjI5ZDA0YWI5YTIzNzYifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533153.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:12:34 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001a88764-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn150.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 4c721cc5564ec533b6bd7baf0a4284dd
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2382
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: sp=aeec8e4c-eefb-4833-be10-b5ae3ef49127
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:12:34 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=aeec8e4c-eefb-4833-be10-b5ae3ef49127; Expires=Mon, 27 Nov 2023 07:12:34 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://mail-109965.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 715d3636f22891d31ab12bd37d0829ca
f7266ed116a1c7d746a7addf96850c9556c4227a
e3cd98a6b6b84d9b599d82f8bdc6cc5dcab29058865a84b74bdf9d8493b5bdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4148
Cache-Control: max-age=91991
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:12:35 GMT
Etag: "6381c206-1d7"
Expires: Mon, 28 Nov 2022 08:45:46 GMT
Last-Modified: Sat, 26 Nov 2022 07:36:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 715d3636f22891d31ab12bd37d0829ca
f7266ed116a1c7d746a7addf96850c9556c4227a
e3cd98a6b6b84d9b599d82f8bdc6cc5dcab29058865a84b74bdf9d8493b5bdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4148
Cache-Control: max-age=91991
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:12:35 GMT
Etag: "6381c206-1d7"
Expires: Mon, 28 Nov 2022 08:45:46 GMT
Last-Modified: Sat, 26 Nov 2022 07:36:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1841
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: sp=aeec8e4c-eefb-4833-be10-b5ae3ef49127
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:12:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=aeec8e4c-eefb-4833-be10-b5ae3ef49127; Expires=Mon, 27 Nov 2023 07:12:35 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://mail-109965.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.40200 OK 79 B URL HTTP/1.1 mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9
Content-Length: 77
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533154.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094; websitespring-xsrf=eyJpdiI6InFHXC9RdEF0NjhndFwvdUFQM2pXR2xDZz09IiwidmFsdWUiOiIzMStITWdvbllGQUtJMk1LVjZvaExiNnVTRHArWGdPdTI3RFZXa1JucXY1RlIwUjRrM2ROSk1FbFwva0NRN1VaK3V2RUt2YWpTQmFzSFBmTmlDVVJ5dXVRT004RGxOUE92R2dJQXduTzFvdXJVZGUwQm12RG1sajV2U3hubXV2dUkiLCJtYWMiOiI1MDViNTQ4Mzg1NDJhMzcyNzdlN2I4ODkzOWU5MGRjNTU5Mzg0NWI0OGI4MWExY2RlMGI5Y2Q3Y2Y0NDljODY4In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:12:35 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu69.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.40200 OK 182 B URL HTTP/1.1 mail-109965.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9
Content-Length: 89
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533154.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094; websitespring-xsrf=eyJpdiI6InFHXC9RdEF0NjhndFwvdUFQM2pXR2xDZz09IiwidmFsdWUiOiIzMStITWdvbllGQUtJMk1LVjZvaExiNnVTRHArWGdPdTI3RFZXa1JucXY1RlIwUjRrM2ROSk1FbFwva0NRN1VaK3V2RUt2YWpTQmFzSFBmTmlDVVJ5dXVRT004RGxOUE92R2dJQXduTzFvdXJVZGUwQm12RG1sajV2U3hubXV2dUkiLCJtYWMiOiI1MDViNTQ4Mzg1NDJhMzcyNzdlN2I4ODkzOWU5MGRjNTU5Mzg0NWI0OGI4MWExY2RlMGI5Y2Q3Y2Y0NDljODY4In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:12:35 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu71.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
mail-109965.square.site/uploads/b/c714d9506e27afceda2261ab510d808a90f0808474c6a5a3d742e143ac8131bb/badru%20bt_1669367497.png?width=400
199.34.228.40200 OK 3.6 kB URL HTTP/1.1 mail-109965.square.site/uploads/b/c714d9506e27afceda2261ab510d808a90f0808474c6a5a3d742e143ac8131bb/badru%20bt_1669367497.png?width=400
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d66ffc6d42bd41d690084fdc033cb40c
b558f2562142048920c6cf551b2b786a2dc14ac7
f052ae6ddd54826877d31d423102bb8e51d255b600263d52b3fdf795875d84ca
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET /uploads/b/c714d9506e27afceda2261ab510d808a90f0808474c6a5a3d742e143ac8131bb/badru%20bt_1669367497.png?width=400 HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533154.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094; websitespring-xsrf=eyJpdiI6InFHXC9RdEF0NjhndFwvdUFQM2pXR2xDZz09IiwidmFsdWUiOiIzMStITWdvbllGQUtJMk1LVjZvaExiNnVTRHArWGdPdTI3RFZXa1JucXY1RlIwUjRrM2ROSk1FbFwva0NRN1VaK3V2RUt2YWpTQmFzSFBmTmlDVVJ5dXVRT004RGxOUE92R2dJQXduTzFvdXJVZGUwQm12RG1sajV2U3hubXV2dUkiLCJtYWMiOiI1MDViNTQ4Mzg1NDJhMzcyNzdlN2I4ODkzOWU5MGRjNTU5Mzg0NWI0OGI4MWExY2RlMGI5Y2Q3Y2Y0NDljODY4In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:12:35 GMT
Content-Type: image/webp
Content-Length: 3646
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "OJzklZnJzdkea8tZSbemKrI5qkXgkjfJHWQLUHjQE5c"
Fastly-Io-Info: ifsz=4425 idim=225x225 ifmt=png ofsz=3646 odim=225x225 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=3359 cr=1.21
X-Amz-Request-Id: tx000000000000039c1d925-0063809dfa-c669cc6-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z67ed
X-Storage-Object: 67edc2fb216da26cf34dcac2bf5b51a2cfa39d903e12e5071a12814cd016fe4f
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10079-SJC, cache-pao17450-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669533155.100340,VS0,VE33
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu18.sf2p.intern.weebly.net
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-8b6d9d8&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=d7c7c33f-cafd-44ad-b177-9a077b43ec84&batch_time=1669533154561
3.233.159.173202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-8b6d9d8&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=d7c7c33f-cafd-44ad-b177-9a077b43ec84&batch_time=1669533154561
IP 3.233.159.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 60d8c9a769d3cafa6e35590fd0d7f68c
7e09505934e839900f6315ec16cf794a3dc80ab5
ea2932f5bef26b181de29df373e8098c6de28b18e47474becadf03c3744634be
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-8b6d9d8&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=d7c7c33f-cafd-44ad-b177-9a077b43ec84&batch_time=1669533154561 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15652
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sun, 27 Nov 2022 07:12:35 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-8b6d9d8&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bfe0a530-0f36-4018-8ed7-bafd5c4aee91&batch_time=1669533154598
3.233.159.173202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-8b6d9d8&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bfe0a530-0f36-4018-8ed7-bafd5c4aee91&batch_time=1669533154598
IP 3.233.159.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash db7aa437c8cc81804f38478b0aa85d1f
973d4f7192af01a5aeb94a1bdfaf6af7f63496f3
5c733e596eba9c6b6263e0df37bbf167312954927e5f9e2b2cd04474c19dfb00
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-8b6d9d8&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bfe0a530-0f36-4018-8ed7-bafd5c4aee91&batch_time=1669533154598 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15757
Origin: https://mail-109965.square.site
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sun, 27 Nov 2022 07:12:35 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
mail-109965.square.site/app/website/square.ico
199.34.228.40200 OK 6.5 kB URL HTTP/1.1 mail-109965.square.site/app/website/square.ico
IP 199.34.228.40:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET /app/website/square.ico HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533154.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094; websitespring-xsrf=eyJpdiI6InFHXC9RdEF0NjhndFwvdUFQM2pXR2xDZz09IiwidmFsdWUiOiIzMStITWdvbllGQUtJMk1LVjZvaExiNnVTRHArWGdPdTI3RFZXa1JucXY1RlIwUjRrM2ROSk1FbFwva0NRN1VaK3V2RUt2YWpTQmFzSFBmTmlDVVJ5dXVRT004RGxOUE92R2dJQXduTzFvdXJVZGUwQm12RG1sajV2U3hubXV2dUkiLCJtYWMiOiI1MDViNTQ4Mzg1NDJhMzcyNzdlN2I4ODkzOWU5MGRjNTU5Mzg0NWI0OGI4MWExY2RlMGI5Y2Q3Y2Y0NDljODY4In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:12:35 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001a88764-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu139.sf2p.intern.weebly.net
X-Revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
X-Request-ID: 150ff342c487f2aadcc842c6ac429773
mail-109965.square.site/uploads/b/c714d9506e27afceda2261ab510d808a90f0808474c6a5a3d742e143ac8131bb/bt%20logo_1669367933.jpg?width=800
199.34.228.40200 OK 68 kB URL HTTP/1.1 mail-109965.square.site/uploads/b/c714d9506e27afceda2261ab510d808a90f0808474c6a5a3d742e143ac8131bb/bt%20logo_1669367933.jpg?width=800
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 759x528, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bc4731ea15e05e4602d7d3b6f409a4e
1bed5f80cf93c088e438edda34e039c444d942ad
ca6906601c7cc09a15022b371f4acb7200877eccc9d42f9f4a6c9c5d2528faef
Analyzer Verdict Alert openphish BT Group plc
fortinet Phishing
GET /uploads/b/c714d9506e27afceda2261ab510d808a90f0808474c6a5a3d742e143ac8131bb/bt%20logo_1669367933.jpg?width=800 HTTP/1.1
Host: mail-109965.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6IlBuN08weGtGQTBRR2FSemRLeXZEeEE9PSIsInZhbHVlIjoidWJqMGJoeXpzUll6akRpUlU4ck5KZkpSZFpwWk55UENrMjdLRVhsZFdLTVVyeFNrRXpFUXFOUWNwQ2wyN0h4cE5ROGhHbytYdElPYzdTd3A5YWFrZ1lpbXFIUzhhVUdhajRuclZiY3BJYkxyQWNSSGtWRGxYWklUSHd5cFB1NkYiLCJtYWMiOiJhY2RiMzM4NDcwMmNmZjA4MTMyN2MyZjE4ZmE5NzE1YTY3NmQxOWE2MDVjODQ3NjI4NjY2MmY3ZTQwNTkwZjkwIn0%3D; XSRF-TOKEN=eyJpdiI6ImdLdVl4Z29EVE5rS3NoQ3NBbmJhcnc9PSIsInZhbHVlIjoiYUMyN29ad1dvajR5N0J5S2g5TzVPZDhTT1Z4M25sWGY5RUhSb3phWkJZaThERHRJMjVydjltT0hpNEpDTFYxb3NrODNocVJrcmgyVzN2WFcrVnRDc080OTJKYXRrMmloZ29pSjJ3UUt0RCtQVzQ5SDVpY3RcL3k1RjVhSm9iMEtMIiwibWFjIjoiZmM3MzNlOTQxZmQ3N2MwYmE3ODg0ZmEyNDUyYWY4NjdmOTNjZjI1NDI0YjFjOWQzODg4ZGY2YTEwMzQ3Y2JkMyJ9; PublishedSiteSession=eyJpdiI6ImduZFwvMFhqbGo4OHg1VzhJdkZEb2tnPT0iLCJ2YWx1ZSI6InZlS1lpSmNzc25uRzZhOHJRMkdBYmRLSitxVDNnblNrcVEyWWFRNUtnNERGVVlPYzEzRnpIUW5NamliSHI4NGVEZUpDSmpzVlNQd1M2NTVSV3lqQkh2STdWa1g0YVM4QXk2Mm1uNHJCbElpbXdFNGgwTlk2UTlGR1l0S1lhZWJNIiwibWFjIjoiMzY5YWEwYTg4NmJlYmI4OTEyN2ZjYTUxMmRkZjMwZWMzYmIyMTRhZjk3ZmQ0ZmYwODJhYWNiYWU2NGE4MTM2YyJ9; _snow_ses.8135=*; _snow_id.8135=c4f4e5f4-f25d-4380-ad1a-02eb0b28fc56.1669533153.1.1669533154.1669533153.8c2147f5-a366-49c3-9c87-9e7218d968d9; _dd_s=rum=1&id=d2faeb70-55c9-4700-9d4c-7b6f10d86a91&created=1669533153094&expire=1669534053094; websitespring-xsrf=eyJpdiI6InFHXC9RdEF0NjhndFwvdUFQM2pXR2xDZz09IiwidmFsdWUiOiIzMStITWdvbllGQUtJMk1LVjZvaExiNnVTRHArWGdPdTI3RFZXa1JucXY1RlIwUjRrM2ROSk1FbFwva0NRN1VaK3V2RUt2YWpTQmFzSFBmTmlDVVJ5dXVRT004RGxOUE92R2dJQXduTzFvdXJVZGUwQm12RG1sajV2U3hubXV2dUkiLCJtYWMiOiI1MDViNTQ4Mzg1NDJhMzcyNzdlN2I4ODkzOWU5MGRjNTU5Mzg0NWI0OGI4MWExY2RlMGI5Y2Q3Y2Y0NDljODY4In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:12:35 GMT
Content-Type: image/webp
Content-Length: 67746
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "6N029V5icM04IYaTC2Sk98DFADM6CqFMFGzEN7Jp1Ks"
Fastly-Io-Info: ifsz=93963 idim=759x528 ifmt=jpeg ofsz=67746 odim=759x528 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=51052 cr=1.39
X-Amz-Request-Id: tx00000000000002f32054b-00636dedd1-c669cc6-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: ze6f3
X-Storage-Object: e6f39290229b517e0025412702d900018bcbe37e9fa4e32b7bbbacdbb8038dc2
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 1072
X-Served-By: cache-sjc10081-SJC, cache-pao17441-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669533155.246416,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn111.sf2p.intern.weebly.net
cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
151.101.85.46200 OK 0 B URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
IP 151.101.85.46:0
GET /app/website/js/languages/en.d69f032602a9a8656bf8.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-109965.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Nov 2022 23:25:35 GMT
x-rgw-object-type: Normal
etag: W/"88da55c6ac5b86a27462f8794b300ba2"
x-amz-request-id: tx0000000000000278488a3-0063644e55-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.d69f032602a9a8656bf8.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5b106465564fd8cfdc25e96fbccd2ff9dcb7a0ec
x-request-id: d06a245b8fc77a19a7522567339564c9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sun, 27 Nov 2022 07:12:32 GMT
via: 1.1 varnish
age: 2014900
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669533153.755450,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151425
X-Firefox-Spdy: h2