r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11009
Expires: Sat, 12 Nov 2022 18:23:47 GMT
Date: Sat, 12 Nov 2022 15:20:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5188
Cache-Control: max-age=160645
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 15:20:18 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 11:57:43 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 14:44:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2165
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9515
Expires: Sat, 12 Nov 2022 17:58:53 GMT
Date: Sat, 12 Nov 2022 15:20:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: maQqCbnheCRIRqrXTKISUp4fIjpJ87pszzhYazm4XezULgatDtlVpqLn3KOn5+U9Dti1tVNef6c=
x-amz-request-id: YHSPKFP5PQTKJ8Q2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 14:50:17 GMT
age: 1801
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
aol-104542-1076120000.weeblysite.com/
199.34.228.96302 Found 422 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/
IP 199.34.228.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d038ec8922b95879162b4e65ece5b4ec
7fcc2097544c959d22b5fa18c9339a1b92f4207b
10d406acf480d6499c7a188164a9caeac148c20d51bdb786a7c64dd77afddce2
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
GET / HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 15:20:18 GMT
Location: https://aol-104542-1076120000.weeblysite.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6Ik1lOGNFZyt2UmJmOVBWRUtcLzM4VGF3PT0iLCJ2YWx1ZSI6IlhtZWNsTG9raXNcL2w0ZW1uelwvcnlGRkdYZUJuZ1FXQUlONFZUVGVxZUdMK2p0XC90eG8wOTk5aXhiM0hqeGRhSVJETTFzelwvNlwvRm1JbE13cTVQNWhHeERrTFQzVnFKMnJJV0N4RHlveXY1eW9adUw1S0xjUnNzMXNjaHVNQVpZVzYiLCJtYWMiOiIyYzMwMTk3YTZhZmEwNjA3NmUyODkxYzlhYTY4YWJjMWJlYWNmZWEwYjI4NzBkOWY2N2ViZDFlN2JiYjE4ZGVlIn0%3D; expires=Sat, 26-Nov-2022 15:20:18 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6Ik42bVo1eThSTmpMempldVdDT3JrZXc9PSIsInZhbHVlIjoiVk9JR0x2bVV1Y3lPYkd6RVU3Z2dlTE5aN2dXQTFjWGZZMnpLeSs5YW03cnVNNTFrRzNVZkl6OStXU05sR0RIRGFlU0RWOXZtUlZBY2ZCUENWcjNSeU5mY0Y4WTQ1VXNWdlwvbDV3SW1NWUI3eEF4VWlnZDJHXC9ydUJ0RkNPNFpBaCIsIm1hYyI6IjUwZWUyYWY2NmMzM2Y1OTdmYjBlMDU0NDZhMzA5OTkwMjQzY2E5MTgxZGFkNTM5NzVlNjQ1YjNmMWY4NzQ0NjkifQ%3D%3D; expires=Sat, 26-Nov-2022 15:20:18 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6InFvOFwvK05rS3pjNmdDT1FcL1d5TFl3Zz09IiwidmFsdWUiOiJ3SEpcLzV6SjNodXVvRzJ0Wmo3WmZGR2txQU9GZ2hzZmtJN3JNMFAwaDVFb1wvMGVFMVJ0QkliVlJnSFlmcXZLbTVmTEFsbkZhYmo3XC9TMHY1cUtUNHpDNXNoK25xMkpuRGdQeWFtakQ1OVhMaUpFdFpHNG9FM01XZ09zSSt6VjFsUiIsIm1hYyI6IjIxMzc2NDU4MjFmZDUwN2UyOWY2MDJkNWY3YWVjY2NmODcxM2IyNzkzNTEwMjU0YjFiODFmZDBmNGY1M2ZlNmMifQ%3D%3D; expires=Sat, 26-Nov-2022 15:20:18 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu150.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: a72b48b4abedc2260847d138b7e1ed0e
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 15:20:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 14:25:00 GMT
cache-control: public,max-age=3600
age: 3319
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash afca4f3ad8046bcc5f3bad9236808210
2c8a578e18a378a706b6e5a23f77e29c837a4e83
3079e2b4f36e00b28cddcb85fb3f2958269ea5294bf80486743c20eef8fb904c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2744
Cache-Control: max-age=167211
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 15:20:19 GMT
Etag: "636f9926-1d7"
Expires: Mon, 14 Nov 2022 13:47:10 GMT
Last-Modified: Sat, 12 Nov 2022 13:01:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5207
Cache-Control: max-age=155600
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 15:20:19 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:33:39 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
aol-104542-1076120000.weeblysite.com/
199.34.228.96200 OK 8.6 kB URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/
IP 199.34.228.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18213)
Hash ecbe3eed03110f03623e93c2af765ddf
80ddb099e7b8530dcfd925fc8eda0c9901e97658
569e4757d3e7a90d90ab2b46ceb60d64d6c90608eb97344f8ace1735e6255fb4
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
GET / HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 15:20:11 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; expires=Sat, 26-Nov-2022 15:20:19 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0%3D; expires=Sat, 26-Nov-2022 15:20:19 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; expires=Sat, 26-Nov-2022 15:20:19 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn127.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: f9ff4720f1881a5f4e7dba410baa075b
Content-Encoding: gzip
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 00:31:12 GMT
etag: "636af4d0-124fe"
expires: Thu, 24 Nov 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn91.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
age: 196898
x-served-by: cache-sjc10061-SJC, cache-bma1644-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 2278
x-timer: S1668266420.671483,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: a80e6919be55cb6d5160dc63fd6f209d3a8ccad7
x-request-id: 6a2fef8e459a38814de85e0dcfa36c62
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 237320
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.669791,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 236035
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.670209,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.188.211.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.211.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7ewVoxv0pTxQwxfsx6LSHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xkPjkikxbyqTl1dG9eglVbqhg+k=
cdn3.editmysite.com/app/website/js/runtime.781a48d4ef878d505a99.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.781a48d4ef878d505a99.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (51009)
Hash ae2558aec5a35c5c95b859787c0c1f00
b330cdeb6d184bff00037ecc9130a380f843b738
65662652bd1521683e0988d5480320653ac14d8fb7b0bb6acd6af9262c35408e
GET /app/website/js/runtime.781a48d4ef878d505a99.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Nov 2022 17:00:53 GMT
x-rgw-object-type: Normal
etag: W/"f9812f245eef923a71c47e8bcfa00743"
x-amz-request-id: tx00000000000002f7789a1-00636e802f-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.781a48d4ef878d505a99.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
x-request-id: 7b282ecbee4502ef08420109c2ee587f
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 80250
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.671677,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24936
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 1874347
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.675036,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 823290
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.672765,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.53f73facd6e1a6ff4aa0.js
151.101.85.46200 OK 620 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/site.53f73facd6e1a6ff4aa0.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50436)
Size 620 kB (619555 bytes)
Hash 381bbe29e5e33c7bc71f6de24f08bec7
bbbefc57158a609b32e6cb4b56f07029c340118f
c378d30145f13473aa1a80be9b82cf2628b53779b2c08bbfd035b2b89c745dd4
GET /app/website/js/site.53f73facd6e1a6ff4aa0.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:13 GMT
x-rgw-object-type: Normal
etag: W/"aed131ca7d403a5cf60232831103e23d"
x-amz-request-id: tx00000000000002dee88f2-00636c1aa2-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.53f73facd6e1a6ff4aa0.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
x-request-id: f0de1df07ef42bbcc9bcb3fe321ec4b9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 237320
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.675345,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 619555
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
151.101.85.46200 OK 325 B URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (1611), with no line terminators
Hash be5c6eec9cf3e92f8df759e392e01209
e0bff726136f738e6a1fe3e991d9a64dcf46d23a
e630015425b5298e0f7db7e397850913ea94d317beba50978a9df8e8364334ae
GET /app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aol-104542-1076120000.weeblysite.com/
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
last-modified: Mon, 07 Nov 2022 22:17:43 GMT
etag: W/"63698407-64b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 400986
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.854184,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js
151.101.85.46200 OK 3.6 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (16751), with no line terminators
Hash f3c3a4e8875d6c2f9ffea217b4a59a1a
71843a18558caf7321e9a0d34b51da993b8dd159
a0c87a07799d8865256fe092a30e91ae5cd4dd70565872d1f6025523de0550c1
GET /app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aol-104542-1076120000.weeblysite.com/
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 10 Nov 2022 22:33:48 GMT
x-rgw-object-type: Normal
etag: W/"ea76aa6c63f36ff196a2a59dfe55769f"
x-amz-request-id: tx00000000000002de012e9-00636d7ca5-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 146695
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.854209,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3555
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 20154811f15206469962bd0820e2c68f
fd735d7c07ecdd5b230d8f91f7b25e46813b0cf3
8bc878b1856234d7a0102da5f45c25d97b970033ea683419fd2fa8a6554940f3
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "08695553A80A671334656810371B08D076CA072D"
Expires: Sun, 13 Nov 2022 02:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76904043ad2db503-OSL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 20154811f15206469962bd0820e2c68f
fd735d7c07ecdd5b230d8f91f7b25e46813b0cf3
8bc878b1856234d7a0102da5f45c25d97b970033ea683419fd2fa8a6554940f3
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "08695553A80A671334656810371B08D076CA072D"
Expires: Sun, 13 Nov 2022 02:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76904043ac320b41-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3e129b617cc6866ec6ecd9962f65693b
d6da64f07fe2d7a976e126d7dd7a7def0e858186
11b9d5777b5e292d031d76d8ac0d5674e326dd299dc1c23d5ddaa58f67fcbf8c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101279
Date: Sat, 12 Nov 2022 15:20:20 GMT
Etag: "636e89a8-1d7"
Expires: Sun, 13 Nov 2022 19:28:19 GMT
Last-Modified: Fri, 11 Nov 2022 17:43:04 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RjyLRSBcBstwr4UJrS2Hy_nHUDTxHcaeMs_QjbcfBsgFCv7WAqGtLg==
Age: 6315
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3e129b617cc6866ec6ecd9962f65693b
d6da64f07fe2d7a976e126d7dd7a7def0e858186
11b9d5777b5e292d031d76d8ac0d5674e326dd299dc1c23d5ddaa58f67fcbf8c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97167
Date: Sat, 12 Nov 2022 15:20:20 GMT
Etag: "636e89a8-1d7"
Expires: Sun, 13 Nov 2022 18:19:47 GMT
Last-Modified: Fri, 11 Nov 2022 17:43:04 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xQVyjPYAiOO3zAwmDFa0OH4b4Tn8bgLdQuY5sbEOxq8o-sFbLpfSXA==
Age: 2203
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://aol-104542-1076120000.weeblysite.com/
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 15:20:20 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://aol-104542-1076120000.weeblysite.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.96200 OK 224 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 13593f6286d97ef957f443963fe931b8
fd8712c00baba802817d2189ca3ad204ca0cdd7a
4e8bba6a89604ac9c26316b3fc9ad4429053bf28e96ea657f198f8255e564f28
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0=
Content-Length: 78
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266419.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:20 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu139.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 224
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1955
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 15:20:20 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Sun, 12 Nov 2023 15:20:20 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://aol-104542-1076120000.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aol-104542-1076120000.weeblysite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://aol-104542-1076120000.weeblysite.com
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 15:20:20 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://aol-104542-1076120000.weeblysite.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11085
Expires: Sat, 12 Nov 2022 18:25:05 GMT
Date: Sat, 12 Nov 2022 15:20:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11085
Expires: Sat, 12 Nov 2022 18:25:05 GMT
Date: Sat, 12 Nov 2022 15:20:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11085
Expires: Sat, 12 Nov 2022 18:25:05 GMT
Date: Sat, 12 Nov 2022 15:20:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 62377
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eac2ed4bece6282c8273a58a88371e2e
2d90ff66079e8ffbaaa367a6bfc08927e7cc424d
aea97fd7d90302edcb3e0c08507d682e02166e8ddd4d082fc4f5435af438594c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facfcee70-832e-4f2d-8fc7-55d2bfff651e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8633
x-amzn-requestid: 8bdfbfbb-5193-4c62-ba1b-c906f7548676
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEC1oAMF8tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-39b4c2954dbc8e4c40a2c9d8;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lxrfhO5oOGvECIrlZYKsfXOTZZksAIIHAafyRM-FdRXAaBVZs5cEQA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:21 GMT
age: 63299
etag: "2d90ff66079e8ffbaaa367a6bfc08927e7cc424d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mMfP4wVk4SVBFR_ZqBEFuKeOS_NHYS1RuAnRSZajYau-oLVcc4j9BA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:14:05 GMT
age: 61575
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OKFzEoCVITStAPxYzhksarrlTkVeATx6AzBnEK32WLFaOeEIwLMu_Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
age: 63308
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 62363
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084ca839d34b15916cd2f5034440a1ef
7764777ce9a862c1590712ef33032df72edefffd
b8893d7f327f88316cb909ded7fd8f4e1809190a7da807677785bf953f6e33fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b650f84-0cd0-4921-bc04-f0ea0459e4d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8482
x-amzn-requestid: 79e5e211-afc8-4531-b361-6f6f3386f16e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUGJsIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-5a0ba4a93eba91c81ba3a9bc;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CxrOwBRw0YlwOnKPJZI7h7YEwOAYS3ZtFa8q2o5rDvQct6pehCAFAg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:51:43 GMT
age: 62917
etag: "7764777ce9a862c1590712ef33032df72edefffd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aol-104542-1076120000.weeblysite.com/uploads/b/d3a0eeb0-5ebd-11ed-baf7-5b3ef5d81321/icon_180x180_ios_MjEzMz.png?width=180
199.34.228.96200 OK 458 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/uploads/b/d3a0eeb0-5ebd-11ed-baf7-5b3ef5d81321/icon_180x180_ios_MjEzMz.png?width=180
IP 199.34.228.96:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3618350939305f41628e7524cad071b6
79c76ee3f52c65a4306507964cb204c9be67706f
10a5a1b76aac23b43acd257ad64e3962b52765fedeaaabed701d7523b4bebb86
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
GET /uploads/b/d3a0eeb0-5ebd-11ed-baf7-5b3ef5d81321/icon_180x180_ios_MjEzMz.png?width=180 HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266419.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 15:20:21 GMT
Content-Type: image/webp
Content-Length: 458
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "FlyTg+uyjzz6u8AH9GrgfhgSxYjdswIjdYGhhZspO4M"
Fastly-Io-Info: ifsz=946 idim=180x180 ifmt=png ofsz=458 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000002dddd3f1-00636bcd3b-c695612-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z33a4
X-Storage-Object: 33a4ea04908000fdf1cdce57bf469239593db4b9eff55a2097b944cbeccbdb71
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10050-SJC, cache-pao17422-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1668266421.988962,VS0,VE38
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu110.sf2p.intern.weebly.net
aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.96200 OK 201 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0=
Content-Length: 83
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266419.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:20 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn73.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
aol-104542-1076120000.weeblysite.com/app/website/cms/api/v1/users/143774076/customers/coordinates
199.34.228.96200 OK 70 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/app/website/cms/api/v1/users/143774076/customers/coordinates
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
GET /app/website/cms/api/v1/users/143774076/customers/coordinates HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0=
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6ImpIeURBNWV4Q0pGbXJ2ZmozZlwvUHNnPT0iLCJ2YWx1ZSI6IjFOOUxEWFhHa3NNMVJqNTJSek1DKzA2TFArQVZ0dlwvNGEwYWlNWEhnTm5HRk1tNE9QeTQwQ21hT2hsSG9ya1UzcGFZQTNYSTV5UkpxdFIwR3VjQVwvaWRCYXpLSlhSMkFBbFo2RlIzMWVTbzBhbVJyOWlsemxoc1JWMUVRQlFOb3ciLCJtYWMiOiI5ZjAxZjM4NGM1MDc0YWJkMjUwOWRlMWM5ODllOWE4N2QzNTJmNDI5YmViOTUzMWUyMDY2NjdiZWNiZjU1OGM5In0%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266419.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 15:20:21 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IlBCNHIrUklTcHp0MmhcL1BnR01OcUhBPT0iLCJ2YWx1ZSI6Ik84RncwYWppcDlKRVBSaGtYM0FwK2Q4QjNVWVJaaFQxQmdQT0x3aFN6Y2Q2b2tYMFYyT1ROWTlZblNzOG55RFRhRU1kSUMyTXl2ZGJKZlBkZEFuSDVBc2d0bWFPVGFvMUwzZTZheG96Rk9jWThySWNVd3pnYVJBUFdNcjF0WFpxIiwibWFjIjoiZmI3NzdkYjlmYzk0NDRlMTI2MDk0M2M3OTIyNjEzM2RiMjkxNGMxZjQ3NjRmMmJiNzE5NGM5YzBhNmMyY2Y1MCJ9; expires=Sat, 26-Nov-2022 15:20:21 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlV5dHBRUHBuK09YN001UzRpdUNOOXc9PSIsInZhbHVlIjoiVzZ1ZkFGaDl1clBsOTRTV3hCWEdhTHZhVmkzWm1ONzREcHJrWGZqc09iazd3SFMwN1hHTFJHUzd4VmpKSVJuZmlBNzlBdmlWSFlnZWRucGR6WEdYbHBlb0psb1ZcL2l6QVpxUnVmS0ltd1wvNFpRWmE2U2ExSGJQbm5iUXJoVXFOSyIsIm1hYyI6IjIwNTUwNmI5NzY2ZWZjNDNjMWMzZDc0YzMxOTQwZTU3NzE3MjNmNWMxYmYwZjM2NzRkMjljYTc5NWMzODRjZmIifQ%3D%3D; expires=Sat, 26-Nov-2022 15:20:21 GMT; Max-Age=1209600; path=/
X-Host: grn134.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 3be45061949c8ad43dcaf2865136251e
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cca525b1496af446b07aaf8a2106ca1
bc00a06ab4efc7d612f5416cf2f1d12582b757fb
be2e9793da01f40ed238dec1d929691bdea9a317be4f0c82e4e50cddd3cc528d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4774
Cache-Control: max-age=167056
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 15:20:21 GMT
Etag: "636f909f-1d7"
Expires: Mon, 14 Nov 2022 13:44:37 GMT
Last-Modified: Sat, 12 Nov 2022 12:25:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.weebly.com/favicon.ico
74.115.50.109200 OK 4.3 kB URL HTTP/1.1 www.weebly.com/favicon.ico
IP 74.115.50.109:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:21 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 17:01:18 GMT
ETag: "10be-5ed34d6993380"
Accept-Ranges: bytes
Content-Length: 4286
X-Host: grn85.sf2p.intern.weebly.net
Vary: User-Agent
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
X-W-DC: SFO
Set-Cookie: sto-id-editor=COELBMAK; Domain=weebly.com; Path=/
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2395
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 15:20:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Sun, 12 Nov 2023 15:20:21 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://aol-104542-1076120000.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfc683b4624c966e84cddabb580139d8
9d3ce176d341f9fa40781e688c3a701e56564031
26a1dbf5005474c927acb351758288d5b1ea903a1e1a6f5f42989f40f34c224e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3808
Cache-Control: max-age=148792
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 15:20:21 GMT
Etag: "636f4d0d-1d7"
Expires: Mon, 14 Nov 2022 08:40:13 GMT
Last-Modified: Sat, 12 Nov 2022 07:36:45 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1854
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 15:20:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Sun, 12 Nov 2023 15:20:21 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://aol-104542-1076120000.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.96200 OK 182 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlV5dHBRUHBuK09YN001UzRpdUNOOXc9PSIsInZhbHVlIjoiVzZ1ZkFGaDl1clBsOTRTV3hCWEdhTHZhVmkzWm1ONzREcHJrWGZqc09iazd3SFMwN1hHTFJHUzd4VmpKSVJuZmlBNzlBdmlWSFlnZWRucGR6WEdYbHBlb0psb1ZcL2l6QVpxUnVmS0ltd1wvNFpRWmE2U2ExSGJQbm5iUXJoVXFOSyIsIm1hYyI6IjIwNTUwNmI5NzY2ZWZjNDNjMWMzZDc0YzMxOTQwZTU3NzE3MjNmNWMxYmYwZjM2NzRkMjljYTc5NWMzODRjZmIifQ==
Content-Length: 89
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6IlV5dHBRUHBuK09YN001UzRpdUNOOXc9PSIsInZhbHVlIjoiVzZ1ZkFGaDl1clBsOTRTV3hCWEdhTHZhVmkzWm1ONzREcHJrWGZqc09iazd3SFMwN1hHTFJHUzd4VmpKSVJuZmlBNzlBdmlWSFlnZWRucGR6WEdYbHBlb0psb1ZcL2l6QVpxUnVmS0ltd1wvNFpRWmE2U2ExSGJQbm5iUXJoVXFOSyIsIm1hYyI6IjIwNTUwNmI5NzY2ZWZjNDNjMWMzZDc0YzMxOTQwZTU3NzE3MjNmNWMxYmYwZjM2NzRkMjljYTc5NWMzODRjZmIifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266421.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484; websitespring-xsrf=eyJpdiI6IlBCNHIrUklTcHp0MmhcL1BnR01OcUhBPT0iLCJ2YWx1ZSI6Ik84RncwYWppcDlKRVBSaGtYM0FwK2Q4QjNVWVJaaFQxQmdQT0x3aFN6Y2Q2b2tYMFYyT1ROWTlZblNzOG55RFRhRU1kSUMyTXl2ZGJKZlBkZEFuSDVBc2d0bWFPVGFvMUwzZTZheG96Rk9jWThySWNVd3pnYVJBUFdNcjF0WFpxIiwibWFjIjoiZmI3NzdkYjlmYzk0NDRlMTI2MDk0M2M3OTIyNjEzM2RiMjkxNGMxZjQ3NjRmMmJiNzE5NGM5YzBhNmMyY2Y1MCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:21 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn9.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.96200 OK 80 B URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.96:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 49ccb1672036652093e2af110970392c
0a448340d7898a7cc714db06964c46d6db44ae74
3714771a4773e635f63ae32d648364782f11e72a0a60918baf978ebb6ec1c22d
Analyzer Verdict Alert openphish AOL Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlV5dHBRUHBuK09YN001UzRpdUNOOXc9PSIsInZhbHVlIjoiVzZ1ZkFGaDl1clBsOTRTV3hCWEdhTHZhVmkzWm1ONzREcHJrWGZqc09iazd3SFMwN1hHTFJHUzd4VmpKSVJuZmlBNzlBdmlWSFlnZWRucGR6WEdYbHBlb0psb1ZcL2l6QVpxUnVmS0ltd1wvNFpRWmE2U2ExSGJQbm5iUXJoVXFOSyIsIm1hYyI6IjIwNTUwNmI5NzY2ZWZjNDNjMWMzZDc0YzMxOTQwZTU3NzE3MjNmNWMxYmYwZjM2NzRkMjljYTc5NWMzODRjZmIifQ==
Content-Length: 77
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6IlV5dHBRUHBuK09YN001UzRpdUNOOXc9PSIsInZhbHVlIjoiVzZ1ZkFGaDl1clBsOTRTV3hCWEdhTHZhVmkzWm1ONzREcHJrWGZqc09iazd3SFMwN1hHTFJHUzd4VmpKSVJuZmlBNzlBdmlWSFlnZWRucGR6WEdYbHBlb0psb1ZcL2l6QVpxUnVmS0ltd1wvNFpRWmE2U2ExSGJQbm5iUXJoVXFOSyIsIm1hYyI6IjIwNTUwNmI5NzY2ZWZjNDNjMWMzZDc0YzMxOTQwZTU3NzE3MjNmNWMxYmYwZjM2NzRkMjljYTc5NWMzODRjZmIifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266421.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484; websitespring-xsrf=eyJpdiI6IlBCNHIrUklTcHp0MmhcL1BnR01OcUhBPT0iLCJ2YWx1ZSI6Ik84RncwYWppcDlKRVBSaGtYM0FwK2Q4QjNVWVJaaFQxQmdQT0x3aFN6Y2Q2b2tYMFYyT1ROWTlZblNzOG55RFRhRU1kSUMyTXl2ZGJKZlBkZEFuSDVBc2d0bWFPVGFvMUwzZTZheG96Rk9jWThySWNVd3pnYVJBUFdNcjF0WFpxIiwibWFjIjoiZmI3NzdkYjlmYzk0NDRlMTI2MDk0M2M3OTIyNjEzM2RiMjkxNGMxZjQ3NjRmMmJiNzE5NGM5YzBhNmMyY2Y1MCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 15:20:21 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn73.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 80
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b4763a1d-4dd7-4e11-8c73-8ff33b1b0433&batch_time=1668266420899
3.233.153.124202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b4763a1d-4dd7-4e11-8c73-8ff33b1b0433&batch_time=1668266420899
IP 3.233.153.124:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2c36b1bdd62c5d14e2a50619cc745490
67f418e0cf358dfb2b1cb3116fd49e94169e8539
259aa73987b63014ea849901b760c933e48864e2ed5a52c22806b841dd2cd0d3
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b4763a1d-4dd7-4e11-8c73-8ff33b1b0433&batch_time=1668266420899 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15988
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 12 Nov 2022 15:20:22 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
aol-104542-1076120000.weeblysite.com/uploads/b/23d56301e55da34dcff27ecfd4f8be61809e2af1c6748a51d0e7b39d24325f97/R_1667841429.png?width=400
199.34.228.96200 OK 5.3 kB URL HTTP/1.1 aol-104542-1076120000.weeblysite.com/uploads/b/23d56301e55da34dcff27ecfd4f8be61809e2af1c6748a51d0e7b39d24325f97/R_1667841429.png?width=400
IP 199.34.228.96:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 97d3539cea334fb4175feef19a5650f7
a210ea5032219143168d71265e03dabcac39c99f
4b8fbb9cdad5eadd807ef8698a063d1ee7a6c1bb34c0e62c592ffe7ce924525f
GET /uploads/b/23d56301e55da34dcff27ecfd4f8be61809e2af1c6748a51d0e7b39d24325f97/R_1667841429.png?width=400 HTTP/1.1
Host: aol-104542-1076120000.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6IitjMWl5UG5WN2R1Z2ttRlpJZ1g0V2c9PSIsInZhbHVlIjoiODBSdDJWV0hSVFZSNzgyeW9mNG1oNVZVb3F2V3h1cFhZMGpHUExPUjI5OW9UY1ZNSkFKM3JzMnVDdUNFaFE1MVwvM050Z1dIQmlEY3RabmgrVjJPcjcrRVczSGJRaFJWYklYd2plbkZVODV4SlJUam1cL1lNZ1wvUmRicWFORUpQUnUiLCJtYWMiOiIzNWU1YWU3NTkyYjg2MDZiOWMyNjRkYmEzMjYxM2NmMzllMTFjOGJjZTE4OTViY2I4MDAyYzFmODY1Y2U1NWUxIn0%3D; XSRF-TOKEN=eyJpdiI6IlV5dHBRUHBuK09YN001UzRpdUNOOXc9PSIsInZhbHVlIjoiVzZ1ZkFGaDl1clBsOTRTV3hCWEdhTHZhVmkzWm1ONzREcHJrWGZqc09iazd3SFMwN1hHTFJHUzd4VmpKSVJuZmlBNzlBdmlWSFlnZWRucGR6WEdYbHBlb0psb1ZcL2l6QVpxUnVmS0ltd1wvNFpRWmE2U2ExSGJQbm5iUXJoVXFOSyIsIm1hYyI6IjIwNTUwNmI5NzY2ZWZjNDNjMWMzZDc0YzMxOTQwZTU3NzE3MjNmNWMxYmYwZjM2NzRkMjljYTc5NWMzODRjZmIifQ%3D%3D; PublishedSiteSession=eyJpdiI6ImUzQnBKdmtyOEQwWUtabzVHNnVURVE9PSIsInZhbHVlIjoiU1wvRTB0WTBLcEZTSnNOdnNiZzRyWDV0N1J4V0JQZ0FWZWhlSWpmSXlXd1llUWo5TTc0RmxpUk1udVNmbEhZenNJMytuem96OXB3ODZHcGM3dDhObTh5SDZLU2hyKzdPVlFlVkUydHJZb2tlTzNwTm1lTTB2cU5OeGdlMGJUbHJUIiwibWFjIjoiNGQ0ZTMwNjBhZGQ3YzUxOWQwNDFiY2QwNjljYThhZjBiODg1MmY5M2Q0OWNiZDBiMjI5MTUxNGRmNDAwMzgxYiJ9; _snow_ses.dedd=*; _snow_id.dedd=d60ffc17-aed6-43f7-89f0-895e7ba45c3f.1668266419.1.1668266421.1668266419.f2e10928-15d6-4836-9f93-1864b53d53e6; _dd_s=rum=1&id=1d4b0f62-fc09-4906-9f64-6410c28f842e&created=1668266419484&expire=1668267319484; websitespring-xsrf=eyJpdiI6IlBCNHIrUklTcHp0MmhcL1BnR01OcUhBPT0iLCJ2YWx1ZSI6Ik84RncwYWppcDlKRVBSaGtYM0FwK2Q4QjNVWVJaaFQxQmdQT0x3aFN6Y2Q2b2tYMFYyT1ROWTlZblNzOG55RFRhRU1kSUMyTXl2ZGJKZlBkZEFuSDVBc2d0bWFPVGFvMUwzZTZheG96Rk9jWThySWNVd3pnYVJBUFdNcjF0WFpxIiwibWFjIjoiZmI3NzdkYjlmYzk0NDRlMTI2MDk0M2M3OTIyNjEzM2RiMjkxNGMxZjQ3NjRmMmJiNzE5NGM5YzBhNmMyY2Y1MCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 15:20:22 GMT
Content-Type: image/webp
Content-Length: 5278
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "GxKop1/buQ+M6v+kSgLXIMk5eC6Czl71viBCI2bAjj4"
Fastly-Io-Info: ifsz=19226 idim=1024x409 ifmt=png ofsz=5278 odim=400x160 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000002e7e0270-00636e881f-c6aed46-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z1ba6
X-Storage-Object: 1ba633f9935730c0de49682b874e3f83d834ff836af4a66664197d5fa7700a6e
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10056-SJC, cache-pao17429-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1668266422.099863,VS0,VE43
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu110.sf2p.intern.weebly.net
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=193d9615-78fc-415d-8b3f-92824dee62b4&batch_time=1668266420948
3.233.153.124202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=193d9615-78fc-415d-8b3f-92824dee62b4&batch_time=1668266420948
IP 3.233.153.124:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2ed2392648de8f80de352876c0cb1bc8
f459868bee9f92c7fc868fdc9cb14943328b20ae
8fc89bd6623a3d7844ff4bd3565263596dc31ccdd91bd88a61a5efc4a55805c2
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-413ba75&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=193d9615-78fc-415d-8b3f-92824dee62b4&batch_time=1668266420948 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15771
Origin: https://aol-104542-1076120000.weeblysite.com
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Sat, 12 Nov 2022 15:20:22 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
151.101.85.46200 OK 0 B URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
IP 151.101.85.46:0
GET /app/website/js/languages/en.d69f032602a9a8656bf8.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aol-104542-1076120000.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Nov 2022 23:25:35 GMT
x-rgw-object-type: Normal
etag: W/"88da55c6ac5b86a27462f8794b300ba2"
x-amz-request-id: tx0000000000000278488a3-0063644e55-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.d69f032602a9a8656bf8.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5b106465564fd8cfdc25e96fbccd2ff9dcb7a0ec
x-request-id: d06a245b8fc77a19a7522567339564c9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 15:20:19 GMT
via: 1.1 varnish
age: 748167
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668266420.675243,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151425
X-Firefox-Spdy: h2