r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6705
Expires: Sat, 29 Oct 2022 16:59:22 GMT
Date: Sat, 29 Oct 2022 15:07:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 856ee3167a1a6efa13187b6d726d61e4
30d121bebc8f164b38d929e94193ca0caa9ce708
c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5488
Cache-Control: max-age=158093
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 15:07:37 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 11:02:30 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 856ee3167a1a6efa13187b6d726d61e4
30d121bebc8f164b38d929e94193ca0caa9ce708
c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5765
Cache-Control: max-age=158370
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 15:07:37 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 11:07:07 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11104
Expires: Sat, 29 Oct 2022 18:12:41 GMT
Date: Sat, 29 Oct 2022 15:07:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f8QzhBesBcmZA27NjdCjZa7C62isLWQRYyvSvf8TnTamiDmlGh918+Jpuwqhmk1Ubu0wIu+qdYk=
x-amz-request-id: NV5792ZW9WNVB49B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 14:10:42 GMT
age: 3415
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
my-business-107111.square.site/
199.34.228.39302 Found 398 B URL HTTP/1.1 my-business-107111.square.site/
IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e10a2f805024dd37a08f1923d820a9fc
6d24d149e7fa8d6b40ec87345467da509b355b40
cf7578ba39e6522e5bb33fb57bd2b0e7278d11694ab898b337d8bc4bbade5590
Analyzer Verdict Alert openphish AOL Inc.
GET / HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 29 Oct 2022 15:07:37 GMT
Location: https://my-business-107111.square.site
Set-Cookie: publishedsite-xsrf=eyJpdiI6IjJLZEx5RVBHc3d0bmRETk50TkdPdUE9PSIsInZhbHVlIjoiZmZBQ2d5cDVNc0s5NVhrN1BXVGhycVpBa3RMVk1cL3JTYTFtcG9jRm9cL2VEcWRhZkZZa3NcL2ozenNOak4wNGU1SFk3bzV1ZktEWjlnMEh5MXZZcURnWlBEXC8xYlRrMVk2UTdMOEdcL1hHZDhxMUtqdWZpZ0hibG55Wnk1TlQ2SCt5USIsIm1hYyI6ImNlNmQ2NTkwNWFmNjE1ODYzNDNkMzgyZTZlNzAwMWUwOGZhNDYzNTA3ZTVlYjNlMTQ2NWQzZjc3NmI5Y2QzZjIifQ%3D%3D; expires=Sat, 12-Nov-2022 15:07:37 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6InhPTm1mQ01MVXVIbkZQUmN1bGJDOWc9PSIsInZhbHVlIjoiZXBMUUg3eFk3TmhHb2RaV244bzJ5eHQyRDNpaW9GejAxam5XdU5sM0xGTmd1WlpGbjBhWW5NNlE0QlwvK0lDUUpTTCthc1A2dnhpb1NBZVwvUTQ5UjdvUjRzVGt2cjI5RDJpVXNEdjZoYU9kT3BDRWZscnVOTnJ6V3B4QkhOeGFkRiIsIm1hYyI6IjY1MDhmYWFkZjAyMjhiMTg4NmE1NzY4NWFkMzc0NDRjOGU4NDg4ZDM2Njc0MzU1ZDhmOGIyYzA3MjUwNzRhOTcifQ%3D%3D; expires=Sat, 12-Nov-2022 15:07:37 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IktlVklGT0I2U1FXaTBsbFZoSldNVXc9PSIsInZhbHVlIjoibjhZWDlwZUFxdldNeDlTS2dobXRDSWZMdVBcL1RwOFVmaGNFbHFoaStSSkZMMjBJZnFsMXNVYnd6Vmo3TTI1aXByUkVIUU1FM1JWN2t3a1JlbXEyQlhwTW5PODN6Z1hzcVNyKzZVXC9XUGduaElPWWdaSjBjNnpCZjlKY3Zqc1lHcyIsIm1hYyI6IjI2NzI0NDY2ODZlMzUwYTY3ODhkOTBhYmYyZTRiYjRlODA3M2FiMzA4MTM1NjIwN2JjZmU0M2Q0OTM3MGNiNTEifQ%3D%3D; expires=Sat, 12-Nov-2022 15:07:37 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu137.sf2p.intern.weebly.net
X-Revision: df06de977c5f034602842c92083bb7c84a9505b8
X-Request-ID: 4f26fa3c6e630e627cad8225315be434
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 15:07:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 6cd2680ac4ec00712e95c62bafd1f3cf
a3bdf680e14757185b36d50063ffa045c337ca7e
d9a9295f1139e032c7b17e33779b05701e64585f0acb5bff27391d4f9d37d515
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "D9A9295F1139E032C7B17E33779B05701E64585F0ACB5BFF27391D4F9D37D515"
Last-Modified: Sat, 29 Oct 2022 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Sat, 29 Oct 2022 16:01:34 GMT
Date: Sat, 29 Oct 2022 15:07:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d23430a3322d9d62a11844dcb41e6b36
b3798f6bdf72e31d2bd38ee609bb8f5701a337b1
2e310b291a80f54bac4ddca876398ec04a17517464b17f8f290ee0a3d3f28156
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5963
Cache-Control: max-age=153509
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 15:07:38 GMT
Etag: "635cdf14-1d7"
Expires: Mon, 31 Oct 2022 09:46:07 GMT
Last-Modified: Sat, 29 Oct 2022 08:06:44 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
my-business-107111.square.site/
199.34.228.39200 OK 8.9 kB URL HTTP/1.1 my-business-107111.square.site/
IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19422)
Hash 11dcdc482f57d54bd3153dd9fc405d3e
83e3a000ad963cb8fc2a12c4a7a9ffae7383356b
c1f8267bbafada86e2c0e5b5b6fdcec424164cd2dc1a8e40adcfd99eea537d66
Analyzer Verdict Alert openphish AOL Inc.
GET / HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 29 Oct 2022 15:07:38 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; expires=Sat, 12-Nov-2022 15:07:38 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ%3D%3D; expires=Sat, 12-Nov-2022 15:07:38 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; expires=Sat, 12-Nov-2022 15:07:38 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu46.sf2p.intern.weebly.net
X-Revision: df06de977c5f034602842c92083bb7c84a9505b8
X-Request-ID: f500c22af4274b6dc69b2bb9bf310e87
Content-Encoding: gzip
push.services.mozilla.com/
35.83.91.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0T40xq+VZxVaS6Yyr3BOJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NzpT26PJE/2Mgv9miL9sB6/oBCE=
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 663986
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1667056059.833984,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.37f5acd423a3e2f914c2.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.37f5acd423a3e2f914c2.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash 13f1127781c97e2f69c076d7796fe821
3df504b0f62a55d30d6e73e12fe9a79a9e3d368b
ecf5efc9ee2e30408a7299e306583b5712fa468f39be78b66202d3073abe1cf9
GET /app/checkout/assets/checkout/css/wcko.37f5acd423a3e2f914c2.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Thu, 27 Oct 2022 18:29:19 GMT
x-rgw-object-type: Normal
etag: W/"d512aa3dd87c86a1682ad98e732008e5"
x-amz-request-id: tx0000000000000223d1b64-00635acec6-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 160461
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1667056059.836233,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22852
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/site.ad066ff14cd4b1dc283c.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.ad066ff14cd4b1dc283c.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (65065), with no line terminators
Hash 03b8aa4c31ccf14ba5dcc7c864890756
d5daa96bb89c46eaf4c8c41eea6bb22a4584ffd5
bebe7f8c9afdcb6f97478e42daf3f7ad06787e3c71f7d9acc36331efae6f5505
GET /app/website/css/site.ad066ff14cd4b1dc283c.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Fri, 28 Oct 2022 20:59:13 GMT
x-rgw-object-type: Normal
etag: W/"5e0f567d3140bf3ce74cd6ecf08c9a6d"
x-amz-request-id: tx00000000000002408e7e6-00635c4303-c669cc6-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: df06de977c5f034602842c92083bb7c84a9505b8
x-request-id: 05aed19adf1cca7c191e7fd0456884d8
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 65180
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1667056059.837547,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23543
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 25 Oct 2022 21:36:16 GMT
etag: "635856d0-124fe"
expires: Thu, 10 Nov 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu69.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
age: 196136
x-served-by: cache-sjc10061-SJC, cache-bma1682-BMA
x-cache: HIT, HIT
x-cache-hits: 48, 2324
x-timer: S1667056059.836808,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.850790ad4dbe9bda94a4.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.850790ad4dbe9bda94a4.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50442)
Hash 3a5dd384d6f8e80a4a17ce398e1bd07c
96888c215c794a0e8dec0f4153247eeb34d18aa3
1cecb4f053fdfefdf602f9a15bc8ea90e226ea752cf98bafc3bd28500eed6a57
GET /app/website/js/runtime.850790ad4dbe9bda94a4.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 28 Oct 2022 20:59:14 GMT
x-rgw-object-type: Normal
etag: W/"e2821f6f84361934cc01cc5287a4f11f"
x-amz-request-id: tx000000000000023fee326-00635c4303-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.850790ad4dbe9bda94a4.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 12fed59afa6f3c4e50b48da4560c75c888c54ab9
x-request-id: af631918c6e9b5e3c25052256250efe5
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 65181
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1667056059.841070,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24959
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.7593c1330562b08c973e.js
151.101.85.46200 OK 151 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.7593c1330562b08c973e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151321 bytes)
Hash 6ac98b62d7a11c91f14c4e54e7d0e395
8d65555623f83eef6481d04ea06f5a3c1babf8eb
3153c2cfacbb300e251367013328bb47412d101324b34d733afd91de31747f56
GET /app/website/js/languages/en.7593c1330562b08c973e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 27 Oct 2022 18:30:37 GMT
x-rgw-object-type: Normal
etag: W/"41c5534142ef026f42027a2aed899bec"
x-amz-request-id: tx00000000000002328c23c-00635aceab-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.7593c1330562b08c973e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 237ae4dda96b66c359ea08adc4f80fb4f7a70558
x-request-id: 9b81ce6a3d73e4d8105a958217e4df84
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 160461
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667056059.847746,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151321
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 97adcd8dfd6391fe6148616693f96d10
caa3fbd515b3f400e0ebb2e5fe39198d6efd5510
9f443d6ab0de3ca3dc02b51e250750999274deb439aad0ad02ac72d0f14029ef
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 15:07:38 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A104AFACE73AEC2A023376EA0355F91DC6BA50E8"
Expires: Sun, 30 Oct 2022 02:00:00 GMT
Last-Modified: Sat, 29 Oct 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1657
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 761cd2708f44b512-OSL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 97adcd8dfd6391fe6148616693f96d10
caa3fbd515b3f400e0ebb2e5fe39198d6efd5510
9f443d6ab0de3ca3dc02b51e250750999274deb439aad0ad02ac72d0f14029ef
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 15:07:38 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A104AFACE73AEC2A023376EA0355F91DC6BA50E8"
Expires: Sun, 30 Oct 2022 02:00:00 GMT
Last-Modified: Sat, 29 Oct 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1657
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 761cd2708bf5b52d-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 07bfb4297f8ef9ddab3cd1b918d05183
20f58d8f05a70ebaf1b5af3b07131f74888c4a30
d2efd0dd7f4c6d389d16540e36f705b0408d120efb9452f2500e9bd6fd369b01
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98390
Date: Sat, 29 Oct 2022 15:07:39 GMT
Etag: "635c068d-1d7"
Expires: Sun, 30 Oct 2022 18:27:29 GMT
Last-Modified: Fri, 28 Oct 2022 16:42:53 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bqrWCBVDRHAcLp9M6LF7WR5JgrSVCvv3uW5zkTom8lHvepf5i7Johg==
Age: 6276
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 07bfb4297f8ef9ddab3cd1b918d05183
20f58d8f05a70ebaf1b5af3b07131f74888c4a30
d2efd0dd7f4c6d389d16540e36f705b0408d120efb9452f2500e9bd6fd369b01
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95361
Date: Sat, 29 Oct 2022 15:07:39 GMT
Etag: "635c068d-1d7"
Expires: Sun, 30 Oct 2022 17:37:00 GMT
Last-Modified: Fri, 28 Oct 2022 16:42:53 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EfhWp0rtdGazNHJA3ICzbvs_epHel2YNNx6rZjTf82Xl64r6jzu6Rw==
Age: 3247
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://my-business-107111.square.site/
Origin: https://my-business-107111.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 15:07:39 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://my-business-107111.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 41 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
Hash ade801c572e692ed6abe4213896eccc8
82a61609a657857d3a2b2a4e12d7db9546221f22
f321df4af5ea5d9ad9d0840c3f6b332567584620efedd1fade186123abc7479e
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx000000000000020dcf4f1-006356f88c-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 7b0a5922cd6192ffeaa71064fca8d7ba81e3c40a
x-request-id: 4791013499f819b029380daa5b7e28b4
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 411777
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1667056059.844821,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8961
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 15:07:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8961
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 15:07:39 GMT
Connection: keep-alive
cdn3.editmysite.com/app/website/js/site.59071c49da14147c4b21.js
151.101.85.46200 OK 503 B URL HTTP/2 cdn3.editmysite.com/app/website/js/site.59071c49da14147c4b21.js
IP 151.101.85.46:0
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
GET /app/website/js/site.59071c49da14147c4b21.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 28 Oct 2022 20:59:14 GMT
x-rgw-object-type: Normal
etag: W/"ef14a2592418f2d85e85b42630dd5bfd"
x-amz-request-id: tx0000000000000231c8fbe-00635c42fe-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.59071c49da14147c4b21.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: df06de977c5f034602842c92083bb7c84a9505b8
x-request-id: 77da5c9c4c1a9b89439bbae8151f65ab
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 29 Oct 2022 15:07:38 GMT
via: 1.1 varnish
age: 65181
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667056059.845036,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 615223
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8961
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 15:07:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10bb93a98239b802cfec26cfddeccc4d
c4f43ee05234b55bd797f96d1659b2411b44af75
be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8961
Expires: Sat, 29 Oct 2022 17:37:00 GMT
Date: Sat, 29 Oct 2022 15:07:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 810ba4a29aeb678e3a85cefce6ef81f6
af589048cc676d45060198d7fce3a338d681d201
3503f05f67b381aef650141a5ad2083890a197231cf6dfde99c2fb3ff4de57e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9718
x-amzn-requestid: e7339861-3974-4569-b282-502667c970fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCIxHPToAMFoLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a37-661fecca54b9a038565e0fcb;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0Rwj6cW5bSmvUt1d92sn_CPelMoM0-VFSd7M9NeerwIiuUATUGpKqQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:59:11 GMT
etag: "af589048cc676d45060198d7fce3a338d681d201"
content-type: image/jpeg
age: 61708
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1996
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 29 Oct 2022 15:07:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Sun, 29 Oct 2023 15:07:39 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://my-business-107111.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d544611-f308-4821-aef5-0888cd93d455.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d544611-f308-4821-aef5-0888cd93d455.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e5a94f3f4cc8fc9b1b9d161d66ba89f
2e335c2640807df30375b6763dce3b1eb3128351
28f2277ba3e82c78a223b2dbaf5335b4696cf0b42b84663472f26eae6210abfb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d544611-f308-4821-aef5-0888cd93d455.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15666
x-amzn-requestid: 9f48b346-edb5-4e09-90c9-edc028d94a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apNEyE72IAMFlzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359f551-7ba4a5cd0fd7842268b6a05e;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5fnDSMWXZK6WobKJY0MqxXZkKbfVpMFsXXkfDnIEmgXp_nHetSjbYg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 04:30:29 GMT
age: 38230
etag: "2e335c2640807df30375b6763dce3b1eb3128351"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ccb6be5f8a61354dfff4fa9d48852fe
33b4a66a9693ca4c327c13303cb4f1aa4354b261
aa48f106bdfd580cea5f691ddf2c7e0445a30d89526355953ae9d87881ad6495
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15494
x-amzn-requestid: 5c6a874b-b97e-44ba-93e2-ebc4517220d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apSLZGNGoAMFrgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359fd7b-0a756fdd554b64381bf74525;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:39:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IZrTbVtjoc8LALwjuxZKdHwsRJ6EOAPwdJgdAFxYcNKdIVtVV7mSsQ==
via: 1.1 c4e77f714a7aade06aaed8bdc8b66fca.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 09:48:52 GMT
age: 19127
etag: "33b4a66a9693ca4c327c13303cb4f1aa4354b261"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3044824aa388754b4834dc79496d135b
ee65caaa8a746599f6c29d74900472a98c121499
1e7f15e9d74e3559bbe51f66a861045d02a1cb227c978ba09c47e52972095930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: 3614efdd-d9db-4461-a335-30cfc17cf8b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmEyVoAMFnPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-5f619a592c75e97c3dc2689a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: W1LaF7xWMkFRekTvIhe1Ft7v8vQMW-_sLLrjtu5SluHUg48esy5cdA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:02 GMT
age: 62197
etag: "ee65caaa8a746599f6c29d74900472a98c121499"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8326b70116b95839cb92a20987ff62bf
e39efc9edc67abdbc8b67e56ea3aa3f169600055
9bb70165db081deb009c8da7f4fcafff66bf4f3ce68c88dd11b21ab1665f8a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8381
x-amzn-requestid: affd1381-e8d6-406e-bdfd-43095e110aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCJEHAUoAMFQPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a39-738547cc62556b0f6cc604cf;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FpVYEpuzxdqeInQrm5_-ZU4tLonMfDWY3D3DxRd0JD3uh4emzrgklA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:02:40 GMT
age: 61499
etag: "e39efc9edc67abdbc8b67e56ea3aa3f169600055"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f8a8bdab8c8b28242ea7227be2d471
aa097b7f69b5369277d405238bbbb19081c3c3da
ec9a37f12ce0fb63e907ac3e5cbba04f392dfe44432422a839fc9c6ea66ec176
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 7dd9eebd-2c20-4e7c-ba5d-349dc15abe61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmH3eIAMFhcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-3dfa40935763bd2641e7e53a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9tjWGS2L9mjQHuhRpOmnR5jIxAys2om70GRzupGsQ4rZZPaz7uITog==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:02:40 GMT
age: 61499
etag: "aa097b7f69b5369277d405238bbbb19081c3c3da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.39200 OK 894 B URL HTTP/1.1 my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash 3f5ab55db6efc1847ef0c9f2553e2ead
c2c9115dfa7f8b333d49140f576db7068709a3ee
176415a23c2b4b9a09af46f171ddc186f5f8e40d19894861db2e81afedff0fb9
Analyzer Verdict Alert openphish AOL Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ==
Content-Length: 78
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056057.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 15:07:39 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn31.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my-business-107111.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://my-business-107111.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 15:07:40 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://my-business-107111.square.site
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
my-business-107111.square.site/uploads/b/74ead060-4f02-11ed-aa8e-0fcaa5bd5adc/icon_180x180_ios_NzY1MD.png?width=180
199.34.228.39200 OK 1.1 kB URL HTTP/1.1 my-business-107111.square.site/uploads/b/74ead060-4f02-11ed-aa8e-0fcaa5bd5adc/icon_180x180_ios_NzY1MD.png?width=180
IP 199.34.228.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2b13f369f8a80d4a2631951c281fec0b
1488e07deb9b22832f36ae6d91b596ded32311a0
409c9779625ed22b1f3a366d502cb47e1843f5ee2b372d8cc45853699322d97c
Analyzer Verdict Alert openphish AOL Inc.
GET /uploads/b/74ead060-4f02-11ed-aa8e-0fcaa5bd5adc/icon_180x180_ios_NzY1MD.png?width=180 HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056057.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 15:07:40 GMT
Content-Type: image/webp
Content-Length: 1140
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "ByynswHXk6t7fvU2dt+UxHCtw/tJfLxfWQGBNn/ZXLY"
Fastly-Io-Info: ifsz=2017 idim=180x180 ifmt=png ofsz=1140 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000023759dac-00635d35a5-c6aed46-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z7320
X-Storage-Object: 73206b5b7b84070f059a602fda7a020a2ddc882187a072a3cb2e5dc8c8c1b694
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 2971
X-Served-By: cache-sjc10078-SJC, cache-pao17422-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1667056060.470739,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn132.sf2p.intern.weebly.net
my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.39200 OK 201 B URL HTTP/1.1 my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish AOL Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ==
Content-Length: 83
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056057.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 15:07:40 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn27.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
my-business-107111.square.site/app/website/cms/api/v1/users/143541817/customers/coordinates
199.34.228.39200 OK 70 B URL HTTP/1.1 my-business-107111.square.site/app/website/cms/api/v1/users/143541817/customers/coordinates
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish AOL Inc.
GET /app/website/cms/api/v1/users/143541817/customers/coordinates HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ==
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056057.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 29 Oct 2022 15:07:40 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IndPQTc4TUVrcE5kcXFDaHFPV2d6RVE9PSIsInZhbHVlIjoiTWZnZ2ZiRkJscSs2dmtJYjBCOWhnVzh0dnI0U1lYTDgzeENna3c4TTd4bkZNa1dZY1JQOWlcL2l5UTlSSmpXMjVZYXNKUzMrY2Z0MlozRTE0bDV4ZCtKRWRzcDhUZWs2T0FPclBnT2RZVllEbmtRcXhFOEdsUGErOGNkd1BUXC9WUiIsIm1hYyI6IjI1NzRmMWU1MWNhNzM5MDNkZDBkNmIxZTM2MGE3NTVhNzA1NDY4NmRlMjlkNGEwODk3NTFkYzFhMDRiYjI3NDkifQ%3D%3D; expires=Sat, 12-Nov-2022 15:07:40 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9; expires=Sat, 12-Nov-2022 15:07:40 GMT; Max-Age=1209600; path=/
X-Host: blu73.sf2p.intern.weebly.net
X-Revision: df06de977c5f034602842c92083bb7c84a9505b8
X-Request-ID: 5d8b20385c0118fcfca6e4d697a0903a
Content-Encoding: gzip
my-business-107111.square.site/square.ico
199.34.228.39200 OK 6.5 kB URL HTTP/1.1 my-business-107111.square.site/square.ico
IP 199.34.228.39:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AOL Inc.
GET /square.ico HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlM2dDROS1BiNllCXC8yY0l2dXJ4QlZRPT0iLCJ2YWx1ZSI6IndBbG92RjgrMDh5eVFjYnlqSzdLMU1TdnBFYXlJcEVnZVJCbGF4ZEF5SFVDWURwc3E2STY0bDVqbTZsWkRxN0hFaGdBeENWcjBjOFp6blZXSGIwM0c0SXpEMTdqdThKOThiNHpoeHpvZlNWNTgrZVNhVHcxNjZueXc5b0hzXC9qNCIsIm1hYyI6ImJiNDM0MmFhMGU4ODE4N2MxYjAzY2Q2MzA3MDQyZmE4OGExMjdlOGQxNThjNDYxOGQzZGM2MDA5NzNiZTkxNTMifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056057.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 15:07:41 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001ac6ae5-00628473fa-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu73.sf2p.intern.weebly.net
X-Revision: df06de977c5f034602842c92083bb7c84a9505b8
X-Request-ID: a5a0cede2d3b6620513237ac5b58ae02
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2436
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 29 Oct 2022 15:07:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Sun, 29 Oct 2023 15:07:41 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://my-business-107111.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dbee074a4378377a5e404cab9b3d3eb8
498fbbfa5704e168905e997b98cf107e75b51733
ddbb74e7c0b8be624cf25dab9d0d51330ab2a54ddc682b0b193e59b3bed97ef2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4424
Cache-Control: max-age=146557
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 15:07:41 GMT
Etag: "635cc9f2-1d7"
Expires: Mon, 31 Oct 2022 07:50:18 GMT
Last-Modified: Sat, 29 Oct 2022 06:36:34 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1894
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 29 Oct 2022 15:07:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Sun, 29 Oct 2023 15:07:41 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://my-business-107111.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
my-business-107111.square.site/uploads/b/271891c4e5f77a50700587389c6ab3d5c530d4ba43252c53b743dd8c64d64c1e/aol-logo-black-v.0.0.2_1666110955.png?width=400
199.34.228.39200 OK 5.3 kB URL HTTP/1.1 my-business-107111.square.site/uploads/b/271891c4e5f77a50700587389c6ab3d5c530d4ba43252c53b743dd8c64d64c1e/aol-logo-black-v.0.0.2_1666110955.png?width=400
IP 199.34.228.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0e3dddb1edec880652943ae11310fb1a
4b3ba62bd886fa3e92e787c6558018da83c82abd
c0d11e6b5b0b7726072b05af8d1a306571e3f7aa92b1160cbba16a289287ce00
GET /uploads/b/271891c4e5f77a50700587389c6ab3d5c530d4ba43252c53b743dd8c64d64c1e/aol-logo-black-v.0.0.2_1666110955.png?width=400 HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056059.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391; websitespring-xsrf=eyJpdiI6IndPQTc4TUVrcE5kcXFDaHFPV2d6RVE9PSIsInZhbHVlIjoiTWZnZ2ZiRkJscSs2dmtJYjBCOWhnVzh0dnI0U1lYTDgzeENna3c4TTd4bkZNa1dZY1JQOWlcL2l5UTlSSmpXMjVZYXNKUzMrY2Z0MlozRTE0bDV4ZCtKRWRzcDhUZWs2T0FPclBnT2RZVllEbmtRcXhFOEdsUGErOGNkd1BUXC9WUiIsIm1hYyI6IjI1NzRmMWU1MWNhNzM5MDNkZDBkNmIxZTM2MGE3NTVhNzA1NDY4NmRlMjlkNGEwODk3NTFkYzFhMDRiYjI3NDkifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 15:07:41 GMT
Content-Type: image/webp
Content-Length: 5278
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "uO672EXaapoAUJB6ZOWsmIe3MxAoNsnnH1NCcuqsFgQ"
Fastly-Io-Info: ifsz=16340 idim=782x313 ifmt=png ofsz=5278 odim=400x160 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000002361bab-006284f306-b9fbc64-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zf3e2
X-Storage-Object: f3e22262b472ee52e51e9f053856daf9a3f7ce59dd66d51f201f1ee7faaf5690
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 2246
X-Served-By: cache-sjc10079-SJC, cache-pao17427-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1667056062.582307,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn137.sf2p.intern.weebly.net
my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.39200 OK 79 B URL HTTP/1.1 my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert openphish AOL Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9
Content-Length: 77
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056059.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391; websitespring-xsrf=eyJpdiI6IndPQTc4TUVrcE5kcXFDaHFPV2d6RVE9PSIsInZhbHVlIjoiTWZnZ2ZiRkJscSs2dmtJYjBCOWhnVzh0dnI0U1lYTDgzeENna3c4TTd4bkZNa1dZY1JQOWlcL2l5UTlSSmpXMjVZYXNKUzMrY2Z0MlozRTE0bDV4ZCtKRWRzcDhUZWs2T0FPclBnT2RZVllEbmtRcXhFOEdsUGErOGNkd1BUXC9WUiIsIm1hYyI6IjI1NzRmMWU1MWNhNzM5MDNkZDBkNmIxZTM2MGE3NTVhNzA1NDY4NmRlMjlkNGEwODk3NTFkYzFhMDRiYjI3NDkifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 15:07:41 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu138.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.39200 OK 182 B URL HTTP/1.1 my-business-107111.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish AOL Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9
Content-Length: 89
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056059.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391; websitespring-xsrf=eyJpdiI6IndPQTc4TUVrcE5kcXFDaHFPV2d6RVE9PSIsInZhbHVlIjoiTWZnZ2ZiRkJscSs2dmtJYjBCOWhnVzh0dnI0U1lYTDgzeENna3c4TTd4bkZNa1dZY1JQOWlcL2l5UTlSSmpXMjVZYXNKUzMrY2Z0MlozRTE0bDV4ZCtKRWRzcDhUZWs2T0FPclBnT2RZVllEbmtRcXhFOEdsUGErOGNkd1BUXC9WUiIsIm1hYyI6IjI1NzRmMWU1MWNhNzM5MDNkZDBkNmIxZTM2MGE3NTVhNzA1NDY4NmRlMjlkNGEwODk3NTFkYzFhMDRiYjI3NDkifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 15:07:41 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn148.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-df06de9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=610d5a4f-c5cd-4221-a99f-69c39f5553d4&batch_time=1667056059018
3.233.149.200202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-df06de9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=610d5a4f-c5cd-4221-a99f-69c39f5553d4&batch_time=1667056059018
IP 3.233.149.200:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c9f35931b14df3de664a9a54060db539
bc3784c10dd69c5fd0fcb04023e8332e69a625f1
db50cbdce6b895c4730dc990a1f9d123a14ba2cde9f695652b21325af038a416
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-df06de9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=610d5a4f-c5cd-4221-a99f-69c39f5553d4&batch_time=1667056059018 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15905
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 29 Oct 2022 15:07:41 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-df06de9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=ac2112cd-9be0-4cd6-98df-40cb1130787b&batch_time=1667056058939
3.233.149.200202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-df06de9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=ac2112cd-9be0-4cd6-98df-40cb1130787b&batch_time=1667056058939
IP 3.233.149.200:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7c87ad5fe42a94174ea0afaeb2d241d4
bfd954dbf3f3bf1d79aa078b461171f3e0a34f00
f6c51b28eb8e330507447803293e5fe9191174aedc84245ce728cf849beb7d65
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-df06de9&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=ac2112cd-9be0-4cd6-98df-40cb1130787b&batch_time=1667056058939 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15832
Origin: https://my-business-107111.square.site
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 29 Oct 2022 15:07:41 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
my-business-107111.square.site/app/website/square.ico
199.34.228.39200 OK 6.5 kB URL HTTP/1.1 my-business-107111.square.site/app/website/square.ico
IP 199.34.228.39:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AOL Inc.
GET /app/website/square.ico HTTP/1.1
Host: my-business-107111.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my-business-107111.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlVrTFJFZHozSzFcL1N5NWtRcG1kUThnPT0iLCJ2YWx1ZSI6IkxJV0Y2S3ZTdlBHXC84MnpKeThGalR2aEdQejNXQzU5a1FoTjR4S1k3NE9cL09tZ2xpVyt4OXdOWnR0SXY4V2Fzd0Uzd3lYZnhZcGtrWTVQYktQZVl2R0l1aGp5T1N0R1dWS3JLNG8rSjZlR1NNTWN6MkpsamZqS012OGtBRjl1SGoiLCJtYWMiOiJlMDIxMGE3OTkzYWZjYjY5NGNhMWFjYTljOTZhMDBhNmE0NTRjNGYzZTFhMDI3ZGFmYTU4MTMxODZlNzM0ZDFkIn0%3D; XSRF-TOKEN=eyJpdiI6IlQyQW1BXC9qb2FIbmMrZG5JeUNrbStRPT0iLCJ2YWx1ZSI6IkxmaW1uXC9Sc1FYaUg4UGJGenhNUVpUMEVpa3lJU1dsdm5rMGhZMjM4KzR6YXVMXC9DNXFSWUp4Q3phR0pFcXNPWVhrTzV6SVhDN0tZK0lLWlhFSk9nNDJZdkVMXC9xNEhBSFdRb3VYUEgrR2VTSGNnUmF2RjFPUDRIa0xCU0tGZmRNIiwibWFjIjoiN2M0MDFiNTdhYzAwMWY2ZDUzZDdlMzVhMjc0MzIxODFlOGJkMzRlYzMxMDI2YzBlNWE1MzVhNmE4YjBiNGE1NiJ9; PublishedSiteSession=eyJpdiI6IjFhV3laVUJRTVVRRjhQc0JRNU9hRUE9PSIsInZhbHVlIjoibTVUXC9LeSs4c2pFRFdXT01OTkoyYktPSDZPTTVDWE9zMXd0K0lUSWdPV1dSYXFrMHgxbk41elM0d1dRYTZkM01TWkFHTWpYNU5yV1ZGc2xrRHZsSGFBY0xcL2ZlamkydGJadm5Zd2RMSDA5VmkxMTdPbEtFbk5cL05SYUhcLzQ2WkFEIiwibWFjIjoiMGE1MDEzOWQyOTFiN2Y0NzI5ZmI4NTYyYmYyYTIzMzk1YzU0Njk2NWFlNjhjMjY3NGNjMjMxOTQ1NTdjZGFkOSJ9; _snow_ses.2ae8=*; _snow_id.2ae8=8a0bb2f2-ab7c-437b-b1b6-1e85d8ec85cc.1667056057.1.1667056059.1667056057.82e90e3c-0074-4e2d-a6c2-3d197eff1a4c; _dd_s=rum=1&id=d6e5aa9f-afe5-4668-be46-3e0b6f3f9d8b&created=1667056057391&expire=1667056957391; websitespring-xsrf=eyJpdiI6IndPQTc4TUVrcE5kcXFDaHFPV2d6RVE9PSIsInZhbHVlIjoiTWZnZ2ZiRkJscSs2dmtJYjBCOWhnVzh0dnI0U1lYTDgzeENna3c4TTd4bkZNa1dZY1JQOWlcL2l5UTlSSmpXMjVZYXNKUzMrY2Z0MlozRTE0bDV4ZCtKRWRzcDhUZWs2T0FPclBnT2RZVllEbmtRcXhFOEdsUGErOGNkd1BUXC9WUiIsIm1hYyI6IjI1NzRmMWU1MWNhNzM5MDNkZDBkNmIxZTM2MGE3NTVhNzA1NDY4NmRlMjlkNGEwODk3NTFkYzFhMDRiYjI3NDkifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 15:07:41 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001aa728b-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu137.sf2p.intern.weebly.net
X-Revision: df06de977c5f034602842c92083bb7c84a9505b8
X-Request-ID: 4ba7fdad3e6dff32608ca67aadb61eda