r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3869
Expires: Sat, 12 Nov 2022 20:35:55 GMT
Date: Sat, 12 Nov 2022 19:31:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 386
Cache-Control: max-age=140775
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:26 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 10:37:41 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10392
Expires: Sat, 12 Nov 2022 22:24:38 GMT
Date: Sat, 12 Nov 2022 19:31:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 18:44:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2832
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EeI/h26EY/+uLuiZdDfHaL+3trnq19jQen5WjK32kefvAwpm8yoYot6zOMFMNzEyUL7rXGmQIlM=
x-amz-request-id: SAJXSKPHQ3Z7QQMV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 19:13:06 GMT
age: 1100
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.thehairalcove.com/
199.34.228.185302 Found 362 B IP 199.34.228.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f12e15c5acbd8f4d6c94729e61439b68
1a023eca3aad77c22092e2ecf3c525b637794b50
2dcc89ff2a60b75c2a450760f132c594cdb93b3affa51a6e52ba6adad2685dee
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:26 GMT
Location: https://www.thehairalcove.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6IlRLS0dvSWRZb0ZVZWtFK0l3NktHeXc9PSIsInZhbHVlIjoiRWJzY1A3bGhMVGIxT2gzTDNENnZyZUd2eTB1RXo2Nmw2UTJOM0QyOGtMZXJQZlFDZE1NY1R6cCtmQmJCSk1vYVwvS1M0SGdONGxZTWVpZThxZnFLTE11Z1RDb1U1ZWxjZWY1QXZCWDBRdzNHNmJvOWZMWnFsV2pMc2g0aUpNR2tXIiwibWFjIjoiZDBjYmVhOTZkZWI5OTE5NmM4MjZmMjA3MTE5ZjVkZmY3ODQwMmRkY2YyOWRmZjQzNWYzNDBhOWRmOGJmYzYzMiJ9; expires=Sat, 26-Nov-2022 19:31:26 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjZzOGI1NGRDSG5VM3V5UzNhRnFnRWc9PSIsInZhbHVlIjoiYUwxVEtXREVvRnNvV2VDWEx3eFhiYUFWMHdLYmNRelwvK2pXXC9MWEpOdW5WMWpDMjVUMnR6bjNIV3pIeTFUNzQ0cnFIMmNnRTZwM0pOQzRieXk5SnBLTlwvTHVzTFBpQVdza1FUcTNNSnZTeFRDZkJDcHdFYkxlS2lMR1BTbnUzbXYiLCJtYWMiOiI5ZjY2OWYzZjBjMmE4YzkzYWI1ZWFiMzg0NWQzNzAyODkyZDM3NjNiOTgwZDZiZGQ5YTIxYzkxZTRkMzIyZGM3In0%3D; expires=Sat, 26-Nov-2022 19:31:26 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6InJHaGh0alZFNlwva3A5NTF1UkVqTGdRPT0iLCJ2YWx1ZSI6ImU2Q29HdngrQ1g2QlFYVHFXb1JQTEhPSTNsZStcL2JlNE5FSHVUZFhyYWZUb2RKUXR2UXNSaG1IZE10RkZDRUFsWURvUlJja0dSbEI0WTRMdXd6VEpKRXpBemNwNlo1cUpHNEp0eEh0XC9Wc3Vuc09cLzZxaXRXditBMWtKdXpkSjdCIiwibWFjIjoiY2EwNWJjYTQ3N2Q0ZTJmMGY0YzdiYzlhMjFmZjdlYzAwZmFlYjdhNzM3Y2Y2NTJjNTY2MzM4ZWIyMjE5M2U3YiJ9; expires=Sat, 26-Nov-2022 19:31:26 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn150.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 8829c29c04180a31791b6aed02175dda
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:31:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 2799
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b35c343891c5b1191751d1f800612f39
77613feac2ba561b54ed8b39ee05d0242530ea6a
c79d1e539db56428abab3458bc10c837291b6b3cf2eae0e0e88b8e326e32a7dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C79D1E539DB56428ABAB3458BC10C837291B6B3CF2EAE0E0E88B8E326E32A7DD"
Last-Modified: Fri, 11 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 13 Nov 2022 01:31:27 GMT
Date: Sat, 12 Nov 2022 19:31:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2553
Cache-Control: max-age=137878
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:27 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 09:49:25 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.thehairalcove.com/
199.34.228.185200 OK 13 kB IP 199.34.228.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32709)
Hash 04f50464b7bb79860d8e7031e35ae563
29ad879aabff4a3537eb412c91ab17895887582f
54e2b223046d551dbbaa7a3057b95f3fe0ea84942f7b15f9770b76de1379f7b4
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:17 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; expires=Sat, 26-Nov-2022 19:31:27 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; expires=Sat, 26-Nov-2022 19:31:27 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; expires=Sat, 26-Nov-2022 19:31:27 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn153.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 6f8b77ad0156cfe1f506a9627bce29f9
Content-Encoding: gzip
push.services.mozilla.com/
54.187.102.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /ngTV1Jbm3zGmHIly7BVgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qz0lDc1sbkJBYymtyTE85d+oK9E=
consent.cookiebot.com/uc.js
104.84.152.234200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash 3c4e162c3321e924fd3d27dc6d095f08
9d2027cab49aaf66a89a521c16133ba818ff3d9d
425713b3dc09882376e466e3e6798ade37f8262d82138cf0e11ecbe92e2d565b
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 09:02:48 GMT
accept-ranges: bytes
etag: "0ac913d0d7d81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=944
expires: Sat, 12 Nov 2022 19:47:11 GMT
date: Sat, 12 Nov 2022 19:31:27 GMT
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 1889415
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 10172
x-timer: S1668281488.842699,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 251104
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.842197,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: a80e6919be55cb6d5160dc63fd6f209d3a8ccad7
x-request-id: 6a2fef8e459a38814de85e0dcfa36c62
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 252388
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.841693,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 838358
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.848894,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.781a48d4ef878d505a99.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.781a48d4ef878d505a99.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (51009)
Hash ae2558aec5a35c5c95b859787c0c1f00
b330cdeb6d184bff00037ecc9130a380f843b738
65662652bd1521683e0988d5480320653ac14d8fb7b0bb6acd6af9262c35408e
GET /app/website/js/runtime.781a48d4ef878d505a99.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Nov 2022 17:00:53 GMT
x-rgw-object-type: Normal
etag: W/"f9812f245eef923a71c47e8bcfa00743"
x-amz-request-id: tx00000000000002f7789a1-00636e802f-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.781a48d4ef878d505a99.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
x-request-id: 7b282ecbee4502ef08420109c2ee587f
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 95319
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.848448,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24936
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
151.101.85.46200 OK 151 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.d69f032602a9a8656bf8.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151425 bytes)
Hash 614f055b0efefbf483b909e5dd20bd4b
2721e7fe99f743ec65a6782d0778e3a23cb17b5c
f602fdff3225656b0f2b2c829c952f284590b4fa25de447146a9208335a849ea
GET /app/website/js/languages/en.d69f032602a9a8656bf8.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Nov 2022 23:25:35 GMT
x-rgw-object-type: Normal
etag: W/"88da55c6ac5b86a27462f8794b300ba2"
x-amz-request-id: tx0000000000000278488a3-0063644e55-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.d69f032602a9a8656bf8.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 5b106465564fd8cfdc25e96fbccd2ff9dcb7a0ec
x-request-id: d06a245b8fc77a19a7522567339564c9
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 763236
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.861544,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151425
X-Firefox-Spdy: h2
consent.cookiebot.com/77a73a28-177d-4cee-96cb-bff1d0fcaafa/cc.js?renew=false&referer=www.thehairalcove.com&dnt=false&init=false
104.84.152.234200 OK 56 kB URL HTTP/2 consent.cookiebot.com/77a73a28-177d-4cee-96cb-bff1d0fcaafa/cc.js?renew=false&referer=www.thehairalcove.com&dnt=false&init=false
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65499)
Hash 1562b8ef242e59804504b8223ed18c5f
752f74d75bbf38357ae9fadd6bbf3ab5b1ba096e
18ebe8a39eb1a4f3b2f0ddd565f8b827ab93764d004ff4e8bbebaf6b5531a1c9
GET /77a73a28-177d-4cee-96cb-bff1d0fcaafa/cc.js?renew=false&referer=www.thehairalcove.com&dnt=false&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=1200
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 19:31:27 GMT
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 55488
date: Sat, 12 Nov 2022 19:31:27 GMT
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js
151.101.85.46200 OK 3.6 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (16751), with no line terminators
Hash f3c3a4e8875d6c2f9ffea217b4a59a1a
71843a18558caf7321e9a0d34b51da993b8dd159
a0c87a07799d8865256fe092a30e91ae5cd4dd70565872d1f6025523de0550c1
GET /app/checkout/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.thehairalcove.com/
Origin: https://www.thehairalcove.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Thu, 10 Nov 2022 22:33:48 GMT
x-rgw-object-type: Normal
etag: W/"ea76aa6c63f36ff196a2a59dfe55769f"
x-amz-request-id: tx00000000000002de012e9-00636d7ca5-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.ea76aa6c63f36ff196a2a59dfe55769f.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:27 GMT
via: 1.1 varnish
age: 161763
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.965296,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3555
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
151.101.85.46200 OK 325 B URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (1611), with no line terminators
Hash be5c6eec9cf3e92f8df759e392e01209
e0bff726136f738e6a1fe3e991d9a64dcf46d23a
e630015425b5298e0f7db7e397850913ea94d317beba50978a9df8e8364334ae
GET /app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.thehairalcove.com/
Origin: https://www.thehairalcove.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
last-modified: Mon, 07 Nov 2022 22:17:43 GMT
etag: W/"63698407-64b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:28 GMT
via: 1.1 varnish
age: 416055
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668281488.009762,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash bae52e83c900189820db134363ebccbc
434fb3abfa05263206924a9b5cf44bcaba5c5424
a8000c281c94e4a120ef094b9d8cb21d3f2b0145761da5ea0547befea33916da
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:31:28 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E2101A43FBCC053EBECCB919CCE44AE24204B3BD"
Expires: Sun, 13 Nov 2022 05:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3151
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7691b0241ebeb4f9-OSL
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29771517
expires: Mon, 23 Oct 2023 09:23:25 GMT
date: Sat, 12 Nov 2022 19:31:28 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/consentconfig/77a73a28-177d-4cee-96cb-bff1d0fcaafa/thehairalcove.com/configuration.js
104.110.3.72200 OK 337 B URL HTTP/2 consentcdn.cookiebot.com/consentconfig/77a73a28-177d-4cee-96cb-bff1d0fcaafa/thehairalcove.com/configuration.js
IP 104.110.3.72:0
File type ASCII text, with very long lines (910), with no line terminators
Hash 94c204fbffb0936beacf3fae35ea6a40
7fb7f490e783b80582055ab7820c2a8b15c650a7
f861bf95cc461db67dce1b1663e4bc6aa4582f558863d04a94d429faab47fcaa
GET /consentconfig/77a73a28-177d-4cee-96cb-bff1d0fcaafa/thehairalcove.com/configuration.js HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a7b838d1f8eb3fecbaa2ad526b8ba8e0:1666940505.178043"
last-modified: Fri, 28 Oct 2022 07:01:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86345
expires: Sun, 13 Nov 2022 19:30:33 GMT
date: Sat, 12 Nov 2022 19:31:28 GMT
content-length: 337
server-timing: cdn-cache; desc=HIT, edge; dur=378
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Sat, 12 Nov 2022 20:39:00 GMT
Date: Sat, 12 Nov 2022 19:31:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Sat, 12 Nov 2022 20:39:00 GMT
Date: Sat, 12 Nov 2022 19:31:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Sat, 12 Nov 2022 20:39:00 GMT
Date: Sat, 12 Nov 2022 19:31:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Sat, 12 Nov 2022 20:39:00 GMT
Date: Sat, 12 Nov 2022 19:31:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Sat, 12 Nov 2022 20:39:00 GMT
Date: Sat, 12 Nov 2022 19:31:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 77431
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 77445
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 04:50:44 GMT
age: 52844
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43e4308988c320212eab6fb4d27c215e
2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd
56efcb5d90ed224301384c850ec2f11317c2426fdc8ed6f88a211bbb75e6871e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12578
x-amzn-requestid: 60fda47c-9518-4ab3-8f94-4e925f0b6773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8iHeHoAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e9-62597e7b5c0f3b6b1e53bcce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FSquX2GRcCI4_Onwfi5qm_oBKl5EvL1RZJO84zJgyoEr7tPVTMy9dQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:47 GMT
age: 78461
etag: "2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 78375
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OKFzEoCVITStAPxYzhksarrlTkVeATx6AzBnEK32WLFaOeEIwLMu_Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
age: 78376
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.thehairalcove.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.thehairalcove.com
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:28 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://www.thehairalcove.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
www.thehairalcove.com/static/icons/payment-methods/visa.svg
199.34.228.185200 OK 2.2 kB URL HTTP/1.1 www.thehairalcove.com/static/icons/payment-methods/visa.svg
IP 199.34.228.185:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1610)
Hash 98e2d557ac9311fbf6c47dcb9cb2c730
e58712545669ba118a42f2e47fcaaabd095cdc6c
0647e086fe11b0748687b68e25c9d2830b8fa08c4397c6c7c6e327d5e8e6c43d
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/visa.svg HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:28 GMT
Content-Type: image/svg+xml
Content-Length: 2247
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 21:25:04 GMT
x-rgw-object-type: Normal
ETag: "98e2d557ac9311fbf6c47dcb9cb2c730"
x-amz-request-id: tx0000000000000345db325-00631274b0-bfe36ba-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn153.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 198e84dc0db61bcea8d74e3573c019d3
www.thehairalcove.com/static/icons/payment-methods/americanexpress.svg
199.34.228.185200 OK 1.2 kB URL HTTP/1.1 www.thehairalcove.com/static/icons/payment-methods/americanexpress.svg
IP 199.34.228.185:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (955)
Hash 2d510915ad1e47e7f6fa0a9ca6dfe7d2
a94981dcae88d70869bce16df350fbc0fbc0c138
52c75baa1c05af510c5017a200f40094bba37a6ccbb2fe5ce2542f331b812204
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/americanexpress.svg HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:29 GMT
Content-Type: image/svg+xml
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2d510915ad1e47e7f6fa0a9ca6dfe7d2"
x-amz-request-id: tx000000000000001a5c254-00628473f6-b9fbc77-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn153.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 555d00d274d782f7ecca93c229345a5d
www.thehairalcove.com/static/icons/payment-methods/mastercard.svg
199.34.228.185200 OK 1.7 kB URL HTTP/1.1 www.thehairalcove.com/static/icons/payment-methods/mastercard.svg
IP 199.34.228.185:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (424)
Hash 1448577966d9c16095880130e876db7a
ecfaef0be795af04cab2f95d7457721a35cf1742
0b6808d0e93f753a1036f42b52c1a2616662d1503f8d07234a98ee54d7a3dd1e
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/mastercard.svg HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:29 GMT
Content-Type: image/svg+xml
Content-Length: 1657
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "1448577966d9c16095880130e876db7a"
x-amz-request-id: tx000000000000001af98c5-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu50.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 377d115957b47f9b1bf94c460831b12f
www.thehairalcove.com/app/website/cms/api/v1/users/143300550/customers/coordinates
199.34.228.185200 OK 70 B URL HTTP/1.1 www.thehairalcove.com/app/website/cms/api/v1/users/143300550/customers/coordinates
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert quad9 Sinkholed
GET /app/website/cms/api/v1/users/143300550/customers/coordinates HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ==
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:29 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; expires=Sat, 26-Nov-2022 19:31:29 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; expires=Sat, 26-Nov-2022 19:31:29 GMT; Max-Age=1209600; path=/
X-Host: grn63.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: af98ae0127b6c135adeab233f69f4e6b
Content-Encoding: gzip
www.thehairalcove.com/static/icons/payment-methods/discover.svg
199.34.228.185200 OK 3.1 kB URL HTTP/1.1 www.thehairalcove.com/static/icons/payment-methods/discover.svg
IP 199.34.228.185:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2151)
Hash 9e274d45e1f0b4185bb742d876cee3f5
67405429005f54a1cfb1a27e27491d89814f9ede
a9e66fbb3fb33098304147be606afc2b8e8c8f745db8a83bb6b2d7a0a9a42abc
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/discover.svg HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:29 GMT
Content-Type: image/svg+xml
Content-Length: 3087
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "9e274d45e1f0b4185bb742d876cee3f5"
x-amz-request-id: tx000000000000001a887f9-00628473fd-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn153.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 96b18075c2ac74e5a71175b6b234e192
www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.185200 OK 201 B URL HTTP/1.1 www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ==
Content-Length: 83
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:31:29 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn72.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.185200 OK 896 B URL HTTP/1.1 www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with very long lines (896), with no line terminators
Hash 9d3d2260c7c50fa6be277cc239484e7e
6aab72a95933d684ea9b2d034bde127124bcc79d
417c63d5e3640744a2ab01b79287da38a8f601133a4bdc36c1d65a145105f0ca
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ==
Content-Length: 78
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:31:29 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu129.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 896
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.thehairalcove.com/static/icons/payment-methods/cashapp.svg
199.34.228.185200 OK 1.4 kB URL HTTP/1.1 www.thehairalcove.com/static/icons/payment-methods/cashapp.svg
IP 199.34.228.185:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash 4d9798d0983422b1931dbfb934e04144
b70cb2e3822c77177ba56a351e309d5394263105
880d2b790069e44a5ac9b19ea84372fb6289a1cddae239a7aea7d948fd9faa3a
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/cashapp.svg HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:29 GMT
Content-Type: image/svg+xml
Content-Length: 1394
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "4d9798d0983422b1931dbfb934e04144"
x-amz-request-id: tx00000000000000db4bbcb-00629614bb-b9fbc63-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn63.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 3429f3033fefff86406c47dd144fea76
www.thehairalcove.com/static/icons/payment-methods/jcb.svg
199.34.228.185200 OK 3.9 kB URL HTTP/1.1 www.thehairalcove.com/static/icons/payment-methods/jcb.svg
IP 199.34.228.185:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1131)
Hash 32a219b916e0f1667aa650f7f8536a7b
a464d7ae31f4996c69c95a11fb791b01e55ceba8
4e8f269a2bf9b6d132634125bfe865e6342103f4cbd7953951d16c3442a24216
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/jcb.svg HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:29 GMT
Content-Type: image/svg+xml
Content-Length: 3876
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "32a219b916e0f1667aa650f7f8536a7b"
x-amz-request-id: tx000000000000001aa70da-00628473f9-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu50.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 502d686adc2d024d27815b6278822c36
www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/locations
199.34.228.185200 OK 94 B URL HTTP/1.1 www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/locations
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 755615903e469b0e41b2ff60c33d6b65
6b8e6ce59725b116d1f01c2172147c94265550d7
1cfde0bc9d3ec1fdb4b84166ccfdd4a2e47fabdd16c21230647044419b73a88a
Analyzer Verdict Alert quad9 Sinkholed
GET /app/square-sync/published/users/143300550/site/161760051151022629/appointments/locations HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ==
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IjBvRlF5WFg3V2t2ODhpdnh6QlhQaHc9PSIsInZhbHVlIjoicW9VS3hHNTk5NWEzSURkMXRHTXRTSUJJRVFmRGJCK1FCYjB3SW8wQkJ5ejJadEpnb29cLzNFMUQ5VVdUK3NST3I4VCtwREVhWVBqOVR6OUVRY2tqZ1orSlNWQkFDeVkwQkRGUzdoVm9Sait0SzhOelI5XC9kK2Vzd3c5MnRRK3M0TiIsIm1hYyI6ImRjZDkwOWNjOGQ4ODk0ZmM1YzJkODg5NGFlYTQ4ZDk3ZjVhNWIyNzdlOWIxMDg0ODFmMjc5OGNkMmI5Y2RhMGQifQ%3D%3D; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:29 GMT
Set-Cookie: square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; expires=Sat, 12-Nov-2022 21:31:29 GMT; Max-Age=7200; path=/
square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D; expires=Sat, 12-Nov-2022 21:31:29 GMT; Max-Age=7200; path=/; httponly
X-Host: grn48.sf2p.intern.weebly.net
X-Revision: cf5ef737cdc969251865cb509e804e900a8256e5
X-Request-ID: 10b0d24983cfe8c160670005078b2a94
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 28c55dfd17f5da2f5fc88a68bef0ea4f
e6293078bfa9062c51423f1b221399fab94953c9
5753a816efa4abbbb41bba586601fd2db87ec83bf5ea28c60a56b66a4d4ac798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170192
Date: Sat, 12 Nov 2022 19:31:30 GMT
Etag: "636fdb22-1d7"
Expires: Mon, 14 Nov 2022 18:48:02 GMT
Last-Modified: Sat, 12 Nov 2022 17:42:58 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kjmnE6S4dVdtTAeYfctuez0nMNBtp8MMB_2nMXgWTyXv_PCnLOJpMQ==
Age: 3904
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 28c55dfd17f5da2f5fc88a68bef0ea4f
e6293078bfa9062c51423f1b221399fab94953c9
5753a816efa4abbbb41bba586601fd2db87ec83bf5ea28c60a56b66a4d4ac798
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170346
Date: Sat, 12 Nov 2022 19:31:30 GMT
Etag: "636fdb22-1d7"
Expires: Mon, 14 Nov 2022 18:50:36 GMT
Last-Modified: Sat, 12 Nov 2022 17:42:58 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1jRZdV1gt8REDAVjwqvN6tWY-LkkEx5VnccXT4f7XNRHJdlfkHqvYQ==
Age: 4058
cdn5.editmysite.com/app/store/api/v23/editor/users/143300550/sites/161760051151022629/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.85.46200 OK 1.6 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/143300550/sites/161760051151022629/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (4626), with no line terminators
Hash 34080cf46dc923b3864d6e6a7d47bd89
cd6233f62b8dc3d1e5fffaab3543f18e369e06f8
f6fc891948af3d775a78ee09d5f363c4a94cddef85e965589b8581661f053b29
GET /app/store/api/v23/editor/users/143300550/sites/161760051151022629/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"0ed1238071476bc2e7487bdc482fbc03"
access-control-allow-methods: GET, HEAD
fullcache: m
x-revision: 750ddee8ddd5f3b61f4649ca8405eccad3ffdd2e
x-request-id: 44aae92a5f57ba30c5752b1e00ff936e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:31:30 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668281489.497125,VS0,VE594
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1616
X-Firefox-Spdy: h2
www.thehairalcove.com/uploads/b/22135660-3e14-11ed-8501-39f7e972f5bc/icon_180x180_ios_NjE5Nj.png?width=180
199.34.228.185200 OK 4.9 kB URL HTTP/1.1 www.thehairalcove.com/uploads/b/22135660-3e14-11ed-8501-39f7e972f5bc/icon_180x180_ios_NjE5Nj.png?width=180
IP 199.34.228.185:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 27686caa83ecbdd2c9110e56797a2717
f884469681dc8d429724de39531e01fd5d75fda0
fad48da0c3212db3122efffb16653f23ea572ddbec0cacd07799c65685e8b6f6
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/22135660-3e14-11ed-8501-39f7e972f5bc/icon_180x180_ios_NjE5Nj.png?width=180 HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:30 GMT
Content-Type: image/webp
Content-Length: 4902
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "QNO5N1OyidrdtvfVltS6650BOzo80xWQTEjKT2JKb7U"
Fastly-Io-Info: ifsz=11686 idim=180x180 ifmt=png ofsz=4902 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000003062b333-00636ff492-c699baa-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z044c
X-Storage-Object: 044cf1c486f5614e6d1190d7d08aa6352d7452a0733d4fe4d6fd309711230335
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10074-SJC, cache-pao17461-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1668281490.027858,VS0,VE124
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu65.sf2p.intern.weebly.net
www.thehairalcove.com/square.ico
199.34.228.185200 OK 6.5 kB URL HTTP/1.1 www.thehairalcove.com/square.ico
IP 199.34.228.185:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert quad9 Sinkholed
GET /square.ico HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:30 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001ae6532-00628473fc-b9fbc63-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu50.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: ffc4873f4137fc33e1b6ff34c336a8c2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.thehairalcove.com/
Origin: https://www.thehairalcove.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:31:30 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.thehairalcove.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2020
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:31:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=c0e45dc6-b37b-442d-832c-8fb4ec86bf76; Expires=Sun, 12 Nov 2023 19:31:30 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.thehairalcove.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.185200 OK 182 B URL HTTP/1.1 www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Content-Length: 89
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:31:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn120.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.185200 OK 79 B URL HTTP/1.1 www.thehairalcove.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Content-Length: 77
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:31:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn141.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1839
Origin: https://www.thehairalcove.com
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: sp=c0e45dc6-b37b-442d-832c-8fb4ec86bf76
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:31:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=c0e45dc6-b37b-442d-832c-8fb4ec86bf76; Expires=Sun, 12 Nov 2023 19:31:30 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.thehairalcove.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
images.unsplash.com/photo-1507494924047-60b8ee826ca9?width=1600&height=430&fit=cover&dpr=1
151.101.86.208200 OK 51 kB URL HTTP/2 images.unsplash.com/photo-1507494924047-60b8ee826ca9?width=1600&height=430&fit=cover&dpr=1
IP 151.101.86.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 573x430, components 3\012- data
Hash d147ff5525fc7356f5834601623bb6e2
6603904707bef699bfeada7102ec7a8d35e1459f
bf9c46e1e0138576f059963af2487737e87de481ad581aaeba2203c28dfbcc6a
GET /photo-1507494924047-60b8ee826ca9?width=1600&height=430&fit=cover&dpr=1 HTTP/1.1
Host: images.unsplash.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 13:19:10 GMT
cache-control: public, max-age=315360000
server: imgix
x-imgix-id: 4d3dd09ba679d8ff6a4ff4f040a5fdd38daf0565
x-imgix-render-farm: 01.592
date: Sat, 12 Nov 2022 19:31:30 GMT
age: 1577541
accept-ranges: bytes
set-cookie: ugid=6461806687ff9dd048a40b6b7dfa094e5560938;domain=.unsplash.com;path=/;expires=Sun, 12 Nov 2023 19:31:30 GMT;SameSite=None;Secure
content-type: image/jpeg
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10030-SJC, cache-bma1639-BMA
x-cache: HIT, MISS
content-length: 50625
X-Firefox-Spdy: h2
www.thehairalcove.com/uploads/b/8558214dfa61d514f9ef92a8c62812f6347a9e227ba7db5ef1cd8fc1a2637c77/23FEF3FA-A6FA-43D4-8AE7-F684E1E72AA0_1666052236.jpeg?width=400
199.34.228.185200 OK 9.0 kB URL HTTP/1.1 www.thehairalcove.com/uploads/b/8558214dfa61d514f9ef92a8c62812f6347a9e227ba7db5ef1cd8fc1a2637c77/23FEF3FA-A6FA-43D4-8AE7-F684E1E72AA0_1666052236.jpeg?width=400
IP 199.34.228.185:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x402, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ca7a6428552a67380a6e33d2e422d6e
53b5798a604edbb098d2a46a666326fcecd59c6c
463822976ebf135fe2e46efeedb1c8534513650b7d83cc098f2080b38e721fca
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/8558214dfa61d514f9ef92a8c62812f6347a9e227ba7db5ef1cd8fc1a2637c77/23FEF3FA-A6FA-43D4-8AE7-F684E1E72AA0_1666052236.jpeg?width=400 HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:30 GMT
Content-Type: image/webp
Content-Length: 8964
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "2pWPQKTvthGiC/dMOJbYmLYb+NiqQ/+9MAz/jj4b5F8"
Fastly-Io-Info: ifsz=185096 idim=988x993 ifmt=jpeg ofsz=8964 odim=400x402 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000304ef125-00636ff492-c696eea-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z45c6
X-Storage-Object: 45c6bfcbe965d82a1462db0354e9adb67919c95dffb9ce34cc2e014b98608340
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10057-SJC, cache-pao17459-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1668281491.834439,VS0,VE90
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn44.sf2p.intern.weebly.net
www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/classes-profile
199.34.228.185200 OK 84 B URL HTTP/1.1 www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/classes-profile
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0fac585468dd3168b02c10cdc67bb402
dfe5599eb70e48a91903067b972a7121f858bb56
ff3603b07bee8e232f13585ad64971ee41cf52407a1323ba4fefbc0eefe6c3b6
Analyzer Verdict Alert quad9 Sinkholed
GET /app/square-sync/published/users/143300550/site/161760051151022629/appointments/classes-profile HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: square-sync-csrf=eyJpdiI6IjVGa1ZIaXZBVXVKdUNrNmZpVzdxamc9PSIsInZhbHVlIjoiQWhiQTl1ejhXUTlpYVcrV20xb3JKSmxDb1lkNjlyNGtoeWtZYWJFUHlENW5JeFhTQzhRTTE1VlwvTGZ2K3phYjFHWmlqTWhMOHVxdzJcLzhrREtnWmdJUlNoRHE3VFNcL0dKRHJSZTdkWk03TkpTXC9HMDR2SWVmTEVvQWk5UkhJdzlPIiwibWFjIjoiM2UzMDg0N2RjZTU1NGQzNTgwOTAzZmFkMTY0ZmU1ZDIwYmVkYTg5MjExZDk0ZmM4ZmVlYzJlMWRmZGJkMWRjYiJ9; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/
square-sync_session=eyJpdiI6IlRmaFdGVWpGKzVzdjhiUWN1OWluamc9PSIsInZhbHVlIjoidXFsV2dhcTlPdEdrXC9YZ2VXbjA3NmZpSnpaTVcwUHlPQ2R1NUx4aGpZODZUTXMrblwvc3dKYXhNczI5R3RQUVM1V3crS2pKeGdiRlRIMnZqNHVNQXIxc3FQRDhuWGVcL1pnZVN0WHArXC8ycUxINVwvdkVENVl5QnVySDBCZE9XU0d6RiIsIm1hYyI6Ijc5NzU3ZDY1NjViODMyMTY3MjI4YzExN2ZiMDZmODQ0ZTczYjA3ZjI2MDRhNjhmYzBiMTVkNTc3MTgwMWNkODQifQ%3D%3D; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/; httponly
X-Host: grn48.sf2p.intern.weebly.net
X-Revision: cf5ef737cdc969251865cb509e804e900a8256e5
X-Request-ID: f3e56b354b73a215ade0775dccf8ade5
Content-Encoding: gzip
www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/staff-members/11ed3e1416bcc25ea9c1ac1f6bbbd01e
199.34.228.185200 OK 219 B URL HTTP/1.1 www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/staff-members/11ed3e1416bcc25ea9c1ac1f6bbbd01e
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2bbaf00f1636c114e3f408b25fd8c57f
c811fcc1a5f3818861551d2e6bd37d2b5d99f0b7
42053367877dec1e540bd6d80abdd15a83fdc27bfb332e7b1f2c72508db7f438
Analyzer Verdict Alert quad9 Sinkholed
GET /app/square-sync/published/users/143300550/site/161760051151022629/appointments/staff-members/11ed3e1416bcc25ea9c1ac1f6bbbd01e HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: square-sync-csrf=eyJpdiI6InFPajNpVHJ5VmJ2dDhQKzBtZXJ2T2c9PSIsInZhbHVlIjoiRjJLT0QyRFpCQnVVbGorakxSaHpGdTNcLzdiYzFvSCtFUEdoYXhRc3JZTTZIMGR2bTFPbEJrYnFzS0FmQmhpcEtCWnlTb0tUYXNrREVYK2JlMERVcE9YbnZmUktuYzAyZVNXaWtBQUlVdUljWXJTNjFmaUdNV05nZFEyMTRPMVZJIiwibWFjIjoiYzJlODYwNDlhMzdmODY5NGYxMzRiZWFkYjdkZjVlM2FmZGIzZDM4MGRmM2M5NGUwNjkwOGIwYjI1MzIxZTk2NCJ9; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/
square-sync_session=eyJpdiI6ImNWSHJySlJtOFZVaVA0aEZQeEJUQ0E9PSIsInZhbHVlIjoiZExzZGtOM3NGcE4rdFlWNFwveFdHUkRDbjNiSXp3YVREYlZtSms1YUJFNUVOR25VN1hORTRkK1N6emI1Snp5WUd1a2tsclhndERjYVJcL2N1R1VTNWk2RkpKSnZVS0hWZmY0Q1BtMEpIbXFOUWtLOEhRMkFpcFB4ZDczdzljaWsyQSIsIm1hYyI6IjU2OTY4OWE3NGExMjhhMzNjMGNlZTllZTc2ZDFmOGQxYTc0ZTljNTY2ZmU5NGYwYjVkM2M1ODA4MDZiMDRlMWUifQ%3D%3D; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/; httponly
X-Host: blu147.sf2p.intern.weebly.net
X-Revision: cf5ef737cdc969251865cb509e804e900a8256e5
X-Request-ID: 66b915edd6931e12c365a5c99d95d138
Content-Encoding: gzip
www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/business-booking-profile
199.34.228.185200 OK 423 B URL HTTP/1.1 www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/business-booking-profile
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with very long lines (719), with no line terminators
Hash fab5c2f1bd2c87c52c04239f14023a89
4895d9e806a335a078ccd0c69fd9f4d96bdb3dc8
207b47bc019686d1a68982f6eaa311b343d2338048d795ab695a69e3caeaaf96
Analyzer Verdict Alert quad9 Sinkholed
GET /app/square-sync/published/users/143300550/site/161760051151022629/appointments/business-booking-profile HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: square-sync-csrf=eyJpdiI6InNzVWZDdStxcDlBc3R2bWdtMUduNkE9PSIsInZhbHVlIjoiTHJLNkljNWIyTkpoeXA2ZGhxU2MxWW5FMWo5UlBFQmh0RmVLNk94cFwvS25UUStBQmMrM240clRYTzVRdW9qYjBrMm5iOTVGMDEydDI5WWppSEhRQ3MwdHcwVlR0aWVtakdnaDNSY1gxdUE5TEVvWXpKc2luYWxLakZ3Z1wvM3doRSIsIm1hYyI6IjcxMmY4YmZjOTI0YjE5MDdkNDYyZTI1OGJjYzhlZGU5ZDc5NDRiZjc1NTkzOWI4NzMyMDg2YTI2ZjJmNDYyNzcifQ%3D%3D; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/
square-sync_session=eyJpdiI6Im15Q0FcL3pwcm1cLzdLT3ZNM2JYZHIwZz09IiwidmFsdWUiOiIxeEc0cHJxS0pYNnN4eHZ1VzlYaXlcL2Nwc1luNW9hMzhKVXFJNThoYVhpWjFaUTdMYVM5SnA0V3dJa2R1WmZJRXgrRlFjZ0s2S094R1NSaGZVMDRhajRNUWNkejJ3eitDcURFU0xoT0tEaHhTS2ZJbFJERVBFZmFQd0x3QlVTZWkiLCJtYWMiOiI4ZjFjMzI2NGY5NTUwMTRkYmU2MTM1OTFkNmEzMjE4NGMyYTUxNTc3MmMyODQxOWYyMGJiZjBhMzc1NmFmNWI1In0%3D; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/; httponly
X-Host: grn108.sf2p.intern.weebly.net
X-Revision: cf5ef737cdc969251865cb509e804e900a8256e5
X-Request-ID: ed14f78e708eab532125cfd502a92ef2
Content-Encoding: gzip
www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/services/11ed3e1416bcc25ea9c1ac1f6bbbd01e
199.34.228.185200 OK 4.4 kB URL HTTP/1.1 www.thehairalcove.com/app/square-sync/published/users/143300550/site/161760051151022629/appointments/services/11ed3e1416bcc25ea9c1ac1f6bbbd01e
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with very long lines (28828), with no line terminators
Hash c10de641303c6538779205771b283a7e
1381ac18372f0929331ceb56768bc67d05cf5fae
ed735ce2ff0ad805b2ab6bebbee8c46aca026aed3b94bd3759f1d045b9c30574
Analyzer Verdict Alert quad9 Sinkholed
GET /app/square-sync/published/users/143300550/site/161760051151022629/appointments/services/11ed3e1416bcc25ea9c1ac1f6bbbd01e HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: square-sync-csrf=eyJpdiI6ImRLMnA1aHVIMFJOaTVEeFwvbTNRUFR3PT0iLCJ2YWx1ZSI6IlwvNTg1N3VwNXY1NlplcVAwRmQzVktFWCt1RFVSRTVMb2ZwcnFpQmtvU3pONTF5TDZHK1wvVnJEdm5mUUNWSUxidEFydHdwVlhXZ3FBUm03QW5TNk5LZ25xdGRaZm1aYTU0MllwZGtrcVVJaFBcL3g1S3ZOdjRHSDFRanA1OVwvUTNjSCIsIm1hYyI6ImJiZTQzMWVlM2E2NWIyNGQzZDdiZDY3N2EwZjQxMzNhNmYzN2E4ZmRjMGU4MmVlODEzNzk1NmEwYzIxM2Q2Y2UifQ%3D%3D; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/
square-sync_session=eyJpdiI6IjFZWjJ0ZzBYblc4cmFVcFppSDJlQ1E9PSIsInZhbHVlIjoiTmFjTWFRVmVmRkNha2JVYXhkbjFKanY0V25CYkFoejhua1lsYncwMzF6emNZa1BzMzRYaG9jVUxsTUFcL1YyYmxoY1MxYnpLdUIwVDZkM1pFUER5M3dpUjlpMU9rdldCUzNTekliNlNGUm14c0tKcE92NDc1QThiRWFaMFpNSUJhIiwibWFjIjoiM2U1MjhmYmI2YjA1OWFlZWNkMTliNTU5ZWJmNmQ1NDM4MWVhMWNhNzNlYjkyYmY3NmIzODlmMjhiOTA4ZjAxOCJ9; expires=Sat, 12-Nov-2022 21:31:31 GMT; Max-Age=7200; path=/; httponly
X-Host: blu72.sf2p.intern.weebly.net
X-Revision: cf5ef737cdc969251865cb509e804e900a8256e5
X-Request-ID: 68d5caddaf2e7342c2bc8f120b42a156
Content-Encoding: gzip
www.thehairalcove.com/app/cms/api/v1/instagram/22135660-3e14-11ed-8501-39f7e972f5bc/profile-data
199.34.228.185200 OK 39 B URL HTTP/1.1 www.thehairalcove.com/app/cms/api/v1/instagram/22135660-3e14-11ed-8501-39f7e972f5bc/profile-data
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fb50552d7be0b15ffd875194d1386bb7
662837e29c887e87e95b33ce9141d84a11f07a0e
f1c93b95318436ddb90c6c49553a48cea691630b0dee38a043336b06e40dbb13
Analyzer Verdict Alert quad9 Sinkholed
GET /app/cms/api/v1/instagram/22135660-3e14-11ed-8501-39f7e972f5bc/profile-data HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkpkcnZWSit6a0I0N25HeDFLQm84dHc9PSIsInZhbHVlIjoiZUFCaGIyZk9JempyeFlXSVcxQ1RhVFNPZWpQNU8ySWxRSWlEQXUzMDFiS2N4U3N4cEhLcU1EcFV6N0FLbHo4dUQ5QUYxWFR3cjJLajRlSjBrZk5pamhZVk4yR2ladkNlOFdBNjJMUE0wZ2N3MVI1VEtkb3p1ZjRZaFRTOUlGUGciLCJtYWMiOiI1ZTRlNjE0OGNkNTNlMDA4YmE4MjUwOTg4YWJkNGNkNDVhMjliMWZmNzljNjBiZGU1YzVlNjM3M2M3ZTZkYTdkIn0%3D; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IkJXUGU4bHpsSnZMR09WeVRxS0tlZkE9PSIsInZhbHVlIjoiYnJyODROM1htR2doYVN1b05NZHJnZzRUdk9zUEk3ZENWZ3hIWEZISE5hd2JwaWxWNk9FZCs0NGIydUtwRGgxem44Y2FzcEY1dFFYN1F6eUZ6clFjbkliVytyM1wvZ0pZT1Q3Q2FOYzNNTkdSSm1uc1RJeFc0WVRSRVFnYnZvN2JXIiwibWFjIjoiNzE2ZDdiZGQ2M2Q1OWIzNWUyMWM2NmRjZDU2OTk2MzA1OWMwOWE3OTM3YmY4MzM3NjkxNmI5NTAwN2IzOWI1MCJ9; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6Ikk0WWhVaURGck1KQUdmcTFYc3VtbEE9PSIsInZhbHVlIjoibkxHRmxmNTRzNjhEXC9IbHpvRXNXZElKU0s1MW5hQXhwa0JYcEZ3WjRXUjN5d2pFTEF4cEpNUmJ4bHpYZU5nZlRvK3RKQWZmcTlJV3FGZEZkeHVPdW1CTW5ZbUZ6b1A5UkJGTVFEMkthaGNmMDR1NnRjYVZWYkJsb2czdHZKS0dZIiwibWFjIjoiYjBiN2E1NDg3MDc5NmI2OGQyZjRhOGY3N2RmZTQwYTIzMmIxZmU2MmM0YzRjNWY3MzI4MDI1NWI2OTMwMzhlYiJ9; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu70.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 206364e145f863596d308bf6edd8729a
Content-Encoding: gzip
www.thehairalcove.com/app/cms/api/v1/instagram/22135660-3e14-11ed-8501-39f7e972f5bc/assets?per_page=20&show_hidden=0
199.34.228.185200 OK 7.2 kB URL HTTP/1.1 www.thehairalcove.com/app/cms/api/v1/instagram/22135660-3e14-11ed-8501-39f7e972f5bc/assets?per_page=20&show_hidden=0
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with very long lines (30271), with no line terminators
Hash 382a60a58656e7b03922dcaeb60e78f9
62bc01f89e9917adfb55306bebd091f81a6029a6
34f598ecf3c4eb30d5bbd9af67301b8f4ff8ec2abc577d1c2822e085da19a58b
Analyzer Verdict Alert quad9 Sinkholed
GET /app/cms/api/v1/instagram/22135660-3e14-11ed-8501-39f7e972f5bc/assets?per_page=20&show_hidden=0 HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6IjBxTFlpeldueng2ajF0eGhvU0xuVkE9PSIsInZhbHVlIjoiS2c2T2dHTmpkcmIzQlFJV3g4U0hleTd5UXFhdWdNSGljdDUraXlDNHgzdXJMZUNOY1R1K2lvMzBcLzI2NDdUQXFhd3NvQ0JMQ05mRzQweXdPdnhWZkJJeHdRVSs5TnFEOTVNa3JzSFdxcjc3TnZpUnRXOWdYa1ZUWjJ1NWxNOEFYIiwibWFjIjoiNTZhYWE4OWJkZmU0MzBjYmIyODkzOWU5NTlhMDRkOThjMzJlNTU5ZTFlZTBiZmRjMWJkNzdhNjA3OWY0NWNmNiJ9; square-sync_session=eyJpdiI6Imc3elwvQ1BCT3RaXC9LRk9VeWRzN2pNZz09IiwidmFsdWUiOiJjYnVjVEFiUUZudVE3VnFQU2M5Zm9BeURzdGhyRDIrRng3Yld6WmkxY2lxNUE4N0dKdXR2N3B3VVVTXC9YUTByMWtIdUVTbHFuMVNwZ0kzd3NUbWRKVER3MUhQcDB2TndDZjgyVGJHSm9DU2dCZEs0TkwxbHZ6bDJpTVZESG5QT1ciLCJtYWMiOiI4OTk3M2YyMGJkMjdhNzhmNTMzNDIzOWI1ODlhMmU2NjM2MTFmNWMxYTY1YWZhN2Y5NDk5YjVhZjRmYmQ3OWVjIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6Im9kWTdpNFpoNmVuSk5reWZKRFVYWXc9PSIsInZhbHVlIjoiM042TW5OVUd6UzVZNVE5R2lIb1lyMVFQU091bFNPdnlKeGtYSlpOUG9TeHR0YXU2cExvNEdNZ0pPRm1sR05vdHlhQ1o3aVpmSHVRTDlUa2xWRHVMR2hrWGFPTnl2eXRkWmc4Y29vS2M4cnhnQzRDU3ZBVGhFajBId09YQXBFYzQiLCJtYWMiOiJlNTVkMmRlYTQwZWY3YThmNTljMzcxNjEzYjNlZGY0MTc0M2Q3ZDdjYmJlY2UyZjhiMzI3YTM5Yzc3YTEzMzIxIn0%3D; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6InNlT0FlaDJzZHdKbkpEbEhpV0s5V2c9PSIsInZhbHVlIjoiUXAxeVRQcjZcL2xqTnVQZ21yUmxMbFZ3Mm5cL2NxVlwvUnMzMTBXR0dkK2Iwa3BHRlpCczdpc09tYjVUeVQ0K0xcL1VsMVFucHV6QmhuTDRQMm81M0tIWTlIekhGYXl2SGJXekNST242dGRqM1ZmXC81SnExbWVkd2tJa0tvRXhXWXdpZSIsIm1hYyI6IjkzMzg5MjFlOGIyZWI5MDM5M2M4NDdmN2VhZjE5NzQ1NDU4MmVmMTM2MTliMjE3MTVjNzYyZTc5ZGZlYzZjNDkifQ%3D%3D; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IkpVZ1pZSHg4Y0hCTHRqS3NmaGtkdkE9PSIsInZhbHVlIjoieHo1cys0b3UzRUNXZDV5d3RxTTAzMVwvd3E0ZnlEcml5VmJzajdPWUxKcThod3g1V25wZ3pBc1RyQUh2RlwvYUZVQ3dKejhXaFJqdk41YVY1Y2FFYk9LaGl1b2ZreHF5cTJGWStwaDZpa0JHRG5YRDU5QkdyTXdUbGlkc01VWDNKSiIsIm1hYyI6ImZiYWY2ZmI1MDkyZDQ1YzcwMmZiZGMyNGYxMmI5NTYyYjU3MGQzNWU1NDQ3ZDMyMGViNTFkODk5MWM0ZjI5MWEifQ%3D%3D; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu72.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: 0be31d5c706ee4848b1d6726a97191b3
Content-Encoding: gzip
www.thehairalcove.com/app/website/cms/api/v1/users/143300550/customers/locale
199.34.228.185200 OK 36 B URL HTTP/1.1 www.thehairalcove.com/app/website/cms/api/v1/users/143300550/customers/locale
IP 199.34.228.185:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 84d8976e69ede075d29893d5a4edb32e
0d93241406b90b37202e0a9a4547159983e58a0d
4b3b556e9891c1d9bd2d7722fd46a43822113e738daf981ab4972a6bc18cea53
Analyzer Verdict Alert quad9 Sinkholed
GET /app/website/cms/api/v1/users/143300550/customers/locale HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6ImluNnFsaGxUMEI1RklsbFo2ckN3RHc9PSIsInZhbHVlIjoieCtwOXI1cTY4ZHRidGZjWXBjd2VxcHhiSnVIWnE0a0htanl1Q3doV216aHdNQkViQllLR05qaUY3STM4dVM0SnFYTXRpUkFjRndoRHJ1d1pSSThHdGx1SFVSXC9rejQySVdsRUJOeUhwQXdvekdST0xidVZCQTBHYnRGd01LSVl2IiwibWFjIjoiOTZlM2M5ZmE0OTQyNTVlNjMxMDlmNjRjZmVkMTJjNzhiN2Q2NDVkMDA2NzE2NTM1ZDE5MmZkOTNjNThjZjZhMiJ9; XSRF-TOKEN=eyJpdiI6IldPdzZGbEd6R0taREV1dVFoRkRFTnc9PSIsInZhbHVlIjoiejJ0YkxYTTBtK1BSbGEycHZFZ1VXRE5hS2VNZkRRREN6SU8xMFVEMjNrR01uSWNUUkRZR2x2Rkpmd1wvMGhTWnFGVXdqR3dNbjhWaWRUeHRLRThzK25hWm05QXFhNWRWTGdIS096MTJGbExaWFBXSGxtNEUwd2VjWXdPUkhWZGtnIiwibWFjIjoiMDBjN2RiYTZiZDNiMjYxOWQxYzIwNzk0MjE4OThjZWJiMTM1NTg0M2Y5OGI3ZTc0MmJjNTkyMzdlOGI4NWRlYSJ9; PublishedSiteSession=eyJpdiI6InEwNDk5OFR6TEs0cm5idEdRTU1wN3c9PSIsInZhbHVlIjoibTM5WUlObU5QdWRrc3BSZlwvVU9uYTd2ZkkxQ1BVZVhMYkRWMmg0dlRIYk1ONWZLYlZRcDJ0UjZ3YmlSc0Zxd1BiZjdOYTZPR3JGTEJ4WU1FcDBcL0ZMWjhMNFRKZ3VsVzFFcjJXVmwrSzdPNkdDK3ZIV3RKSkpXeGNVamE3WnI2eSIsIm1hYyI6IjYzMTRiNDAwYzczMWRjNjI3YWIyOWIxMWVjZGQxMTkxNzdlZjMwNTIzNDZkMDQxMmNkYTM1OThmMzIxMThlOWIifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlJWMFhOcmFsQXp4eTYxXC92V2gzekJnPT0iLCJ2YWx1ZSI6Ilo2cm1GZ0pOb3hLSXQzaHVwWHlSa1FhUUhcLzVHUnppdWtKdlhpZmlXQ21Ub21NbGlOS1NQa3hXN2dQTjJZQitnaEdBMm9zNFlaT0ZQZWQ1SXNTTm1MREkyQnJXNTFcLzRUdEVEMkcwbElxYmFqUGxLUlhzbElRbDk1ejVreU5IeTgiLCJtYWMiOiJhNGI0YTRiY2U2MDFlOGEyNjc3NGIzMzJhNWJmZWMxMzQzZDg0OTk2YjQ3N2VkMDFkNjZhMzAwZjUxYTZkZDI2In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6ImRLMnA1aHVIMFJOaTVEeFwvbTNRUFR3PT0iLCJ2YWx1ZSI6IlwvNTg1N3VwNXY1NlplcVAwRmQzVktFWCt1RFVSRTVMb2ZwcnFpQmtvU3pONTF5TDZHK1wvVnJEdm5mUUNWSUxidEFydHdwVlhXZ3FBUm03QW5TNk5LZ25xdGRaZm1aYTU0MllwZGtrcVVJaFBcL3g1S3ZOdjRHSDFRanA1OVwvUTNjSCIsIm1hYyI6ImJiZTQzMWVlM2E2NWIyNGQzZDdiZDY3N2EwZjQxMzNhNmYzN2E4ZmRjMGU4MmVlODEzNzk1NmEwYzIxM2Q2Y2UifQ%3D%3D; square-sync_session=eyJpdiI6IjFZWjJ0ZzBYblc4cmFVcFppSDJlQ1E9PSIsInZhbHVlIjoiTmFjTWFRVmVmRkNha2JVYXhkbjFKanY0V25CYkFoejhua1lsYncwMzF6emNZa1BzMzRYaG9jVUxsTUFcL1YyYmxoY1MxYnpLdUIwVDZkM1pFUER5M3dpUjlpMU9rdldCUzNTekliNlNGUm14c0tKcE92NDc1QThiRWFaMFpNSUJhIiwibWFjIjoiM2U1MjhmYmI2YjA1OWFlZWNkMTliNTU5ZWJmNmQ1NDM4MWVhMWNhNzNlYjkyYmY3NmIzODlmMjhiOTA4ZjAxOCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Sat, 12 Nov 2022 19:31:31 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IlhrQm1GZFo5dzVYbGc5ZU9BdURqRFE9PSIsInZhbHVlIjoiYVNxS24wUmIwa1NzYTNXNFJxSDFxc0dDVjJRMWxFMzh6SFRjKzhUR1lzeldocjJHSDNlaDMwcVNRR0ViZHRPcWhlNlwvc3Q1VGxtd1U2d0hxS1R2aVlKWTc4Q2grZWw4cGtPN1RBWjdia1wvdTFVVGhHbFlKbFFoYkg5ME9cL2JRUWYiLCJtYWMiOiI4Njc1YzEyNWEzNjQ4NDY2MDE0OTY3OTEzOGJlMDRiNmI2N2Q0MGRjYzliNTg5NGE1NmMzYmZiZjJiYTI3OTk5In0%3D; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjA4RWtuOStQQ3RpOVk5OEp0MGxLaGc9PSIsInZhbHVlIjoiallSZHpXcUR3NEJRV1ZyaHN4dzBaYVY4VHVVZ0s4YlBDblMxNFVRc0p5SG01XC9nblRUUHplSnFEa1wvZUZ1YkNuaEpSYXJEeFVoXC9KRWJQMXpPMVF2NHJMU3Y1S0Y0RWNCUGQxZmd3ckhqcndJeTlZQlA1OGlWRTNycGpUYzY0ZVkiLCJtYWMiOiJkNTgyNjNlOTM1YzU0OTNiZWQxNThlZTA3ZjkwNTA0NDMyNjVhMzc4N2U1NTk0ODMxOWZmMTc0OWVhMzczM2ZiIn0%3D; expires=Sat, 26-Nov-2022 19:31:31 GMT; Max-Age=1209600; path=/
X-Host: blu66.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: e359fa52fbab926c4b73ca23c486aaf6
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2f759be7390758504ebad918e8b74daa
d37ee86f330bf0d042275269d47764a1af39526e
11652a490e7625b69f1910842fcc9057411cb812c0bce9d728d0fb7fc7e53195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4984
Cache-Control: max-age=169118
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Etag: "636fd2ba-1d7"
Expires: Mon, 14 Nov 2022 18:30:10 GMT
Last-Modified: Sat, 12 Nov 2022 17:07:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2f759be7390758504ebad918e8b74daa
d37ee86f330bf0d042275269d47764a1af39526e
11652a490e7625b69f1910842fcc9057411cb812c0bce9d728d0fb7fc7e53195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4984
Cache-Control: max-age=169118
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Etag: "636fd2ba-1d7"
Expires: Mon, 14 Nov 2022 18:30:10 GMT
Last-Modified: Sat, 12 Nov 2022 17:07:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
images.unsplash.com/photo-1463430144406-394c977562d7?crop=entropy&cs=tinysrgb&fm=jpg&ixid=Mnw0NjE4NHwwfDF8c2VhcmNofDc5Nnx8aGFpciUyMHNhbG9ufGVufDB8fHx8MTY2Njc4MjIwMg&ixlib=rb-4.0.3&q=80&w=800&dpr=1
151.101.86.208200 OK 27 kB URL HTTP/2 images.unsplash.com/photo-1463430144406-394c977562d7?crop=entropy&cs=tinysrgb&fm=jpg&ixid=Mnw0NjE4NHwwfDF8c2VhcmNofDc5Nnx8aGFpciUyMHNhbG9ufGVufDB8fHx8MTY2Njc4MjIwMg&ixlib=rb-4.0.3&q=80&w=800&dpr=1
IP 151.101.86.208:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x532, components 3\012- data
Hash 18fc20afe3535a39c8016e7e4487e6f0
9c2284f81d5a534c113de8402a71faa69590bbd9
d5e5deb2c30a99fc3f8c45a2114802163bab0fb8d7fbd2ea10a334b03c1d3821
GET /photo-1463430144406-394c977562d7?crop=entropy&cs=tinysrgb&fm=jpg&ixid=Mnw0NjE4NHwwfDF8c2VhcmNofDc5Nnx8aGFpciUyMHNhbG9ufGVufDB8fHx8MTY2Njc4MjIwMg&ixlib=rb-4.0.3&q=80&w=800&dpr=1 HTTP/1.1
Host: images.unsplash.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: ugid=6461806687ff9dd048a40b6b7dfa094e5560938
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 12 Nov 2022 19:31:31 GMT
cache-control: public, max-age=315360000
server: imgix
x-imgix-id: d737839f2d37139a04880921f48a2a55a37e2971
x-imgix-render-farm: 01.592
date: Sat, 12 Nov 2022 19:31:32 GMT
age: 0
accept-ranges: bytes
set-cookie: ugid=6461806687ff9dd048a40b6b7dfa094e5560938;domain=.unsplash.com;path=/;expires=Sun, 12 Nov 2023 19:31:31 GMT;SameSite=None;Secure
content-type: image/jpeg
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10053-SJC, cache-bma1639-BMA
x-cache: MISS, MISS
content-length: 26862
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2f759be7390758504ebad918e8b74daa
d37ee86f330bf0d042275269d47764a1af39526e
11652a490e7625b69f1910842fcc9057411cb812c0bce9d728d0fb7fc7e53195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5079
Cache-Control: max-age=169213
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Etag: "636fd2ba-1d7"
Expires: Mon, 14 Nov 2022 18:31:45 GMT
Last-Modified: Sat, 12 Nov 2022 17:07:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2f759be7390758504ebad918e8b74daa
d37ee86f330bf0d042275269d47764a1af39526e
11652a490e7625b69f1910842fcc9057411cb812c0bce9d728d0fb7fc7e53195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4984
Cache-Control: max-age=169118
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Etag: "636fd2ba-1d7"
Expires: Mon, 14 Nov 2022 18:30:10 GMT
Last-Modified: Sat, 12 Nov 2022 17:07:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4deebe79c6aa7dc9f0dd8669f31f46d4
7e1f82163343cee8eeecbeb555a4a40bb257a4f2
1fc0eff08309d7db2ec5dfc42b32e55dd824941618b61681501cdbcd6086cb8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5489
Cache-Control: max-age=109463
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Etag: "636ee7ba-1d7"
Expires: Mon, 14 Nov 2022 01:55:55 GMT
Last-Modified: Sat, 12 Nov 2022 00:24:26 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2f759be7390758504ebad918e8b74daa
d37ee86f330bf0d042275269d47764a1af39526e
11652a490e7625b69f1910842fcc9057411cb812c0bce9d728d0fb7fc7e53195
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5079
Cache-Control: max-age=169213
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Etag: "636fd2ba-1d7"
Expires: Mon, 14 Nov 2022 18:31:45 GMT
Last-Modified: Sat, 12 Nov 2022 17:07:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.editmysite.com/ajax/apps/generateMap.php?elementid=9bd40640-62c0-11ed-b4d5-275ce3e757ed&map=google&ineditor=0&width=auto&point=1&control=3&scalecontrol=1&height=350px&zoom=10&zoomScale=70&lat=30.326534&long=-97.707397&pincolor=%23b1a59a&pincontrastcolor=%23000000&styles=%5B%7B%22featureType%22%3A%22poi%22%2C%22elementType%22%3A%22labels.text%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22poi.business%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22road%22%2C%22elementType%22%3A%22labels.icon%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22transit%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%5D&touch=1&forcemapdrag=1
74.115.50.67200 OK 12 kB URL HTTP/1.1 www.editmysite.com/ajax/apps/generateMap.php?elementid=9bd40640-62c0-11ed-b4d5-275ce3e757ed&map=google&ineditor=0&width=auto&point=1&control=3&scalecontrol=1&height=350px&zoom=10&zoomScale=70&lat=30.326534&long=-97.707397&pincolor=%23b1a59a&pincontrastcolor=%23000000&styles=%5B%7B%22featureType%22%3A%22poi%22%2C%22elementType%22%3A%22labels.text%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22poi.business%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22road%22%2C%22elementType%22%3A%22labels.icon%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22transit%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%5D&touch=1&forcemapdrag=1
IP 74.115.50.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Hash cc2826d966b38042e7707e35dd0f1598
ebed8ea38013f2c20e2bc5083b0007eeced7d10b
0f47bab9b7077e2a9ff65728711e2008a1e9c49afc4435dae39644f86f54d06e
GET /ajax/apps/generateMap.php?elementid=9bd40640-62c0-11ed-b4d5-275ce3e757ed&map=google&ineditor=0&width=auto&point=1&control=3&scalecontrol=1&height=350px&zoom=10&zoomScale=70&lat=30.326534&long=-97.707397&pincolor=%23b1a59a&pincontrastcolor=%23000000&styles=%5B%7B%22featureType%22%3A%22poi%22%2C%22elementType%22%3A%22labels.text%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22poi.business%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22road%22%2C%22elementType%22%3A%22labels.icon%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%2C%7B%22featureType%22%3A%22transit%22%2C%22stylers%22%3A%5B%7B%22visibility%22%3A%22off%22%7D%5D%7D%5D&touch=1&forcemapdrag=1 HTTP/1.1
Host: www.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:31:32 GMT
Server: Apache
X-Host: blu27.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 12032
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
Set-Cookie: sto-id-designer=PADMBNAK; Domain=editmysite.com; Path=/
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?v=3&client=gme-weeblyinc1
142.250.74.42200 OK 55 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3&client=gme-weeblyinc1
IP 142.250.74.42:0
File type ASCII text, with very long lines (2461)
Hash 7a4f024885061ac5d17e69227e1216e5
15d9473b15b359a1850a1654c44dd78a840a73f5
8426012d32893cac63e8b182c631936f8eb34a82ecdd0f5306fe57c08a20d962
GET /maps/api/js?v=3&client=gme-weeblyinc1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 12 Nov 2022 19:31:32 GMT
expires: Sat, 12 Nov 2022 20:01:32 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55027
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/312118583_571743147704687_4664486017299397927_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=3Oy3NnXM5SAAX-vIJnX&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCnkTRWt_2cu54qHiY_OGD8rXiKL0VrEcMIeDz4jx9NdA&oe=6373CD13
157.240.11.52200 OK 72 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/312118583_571743147704687_4664486017299397927_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=3Oy3NnXM5SAAX-vIJnX&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCnkTRWt_2cu54qHiY_OGD8rXiKL0VrEcMIeDz4jx9NdA&oe=6373CD13
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Hash 9da29b274f34b832d66983e253ff4d13
7294bf22d0fc7261dea6d8c100b4d65f0f786fc6
92fcfa9b84fa503270dd7ddce8105e1c5a4e09d8b7d8ad1148cefe34d8d2deb1
GET /v/t51.29350-15/312118583_571743147704687_4664486017299397927_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=3Oy3NnXM5SAAX-vIJnX&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCnkTRWt_2cu54qHiY_OGD8rXiKL0VrEcMIeDz4jx9NdA&oe=6373CD13 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 20 Oct 2022 14:13:24 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 367654650
x-needle-checksum: 2267978700
content-digest: adler32=2267978700
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 71468
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/314840338_5443792472385009_5854180698090008626_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=2OLlsYVSHpEAX_79B1d&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDOHFoAn93AGw9HHbxUyhufkbrwhE5AfRiyDQMhwsgPXA&oe=6373644E
157.240.11.52200 OK 95 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/314840338_5443792472385009_5854180698090008626_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=2OLlsYVSHpEAX_79B1d&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDOHFoAn93AGw9HHbxUyhufkbrwhE5AfRiyDQMhwsgPXA&oe=6373644E
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 989x1087, components 3\012- data
Hash 32f9d7dc2313f54216ccd56f3176ad5a
68378954ef805df6f477b40b33e00f7a85e855b9
388d1d2ba6b1da99e399abd4d8ac2f3ae65f5de86bd692bed4e1c13ed860d920
GET /v/t51.29350-15/314840338_5443792472385009_5854180698090008626_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=2OLlsYVSHpEAX_79B1d&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDOHFoAn93AGw9HHbxUyhufkbrwhE5AfRiyDQMhwsgPXA&oe=6373644E HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 10 Nov 2022 16:28:05 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1839180553
x-needle-checksum: 4040417770
content-digest: adler32=4040417770
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 94952
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/306548013_971253094266853_1236565290670814413_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ltZp0NEDkusAX-EUkEm&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAS4VFgd2cok322DS_LzYIhQ4oTKnUuvrjan-YUOW5i8A&oe=637506A7
157.240.11.52200 OK 186 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/306548013_971253094266853_1236565290670814413_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ltZp0NEDkusAX-EUkEm&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAS4VFgd2cok322DS_LzYIhQ4oTKnUuvrjan-YUOW5i8A&oe=637506A7
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1598, components 3\012- data
Size 186 kB (185986 bytes)
Hash be6a384a1c2e6024a4cc0f067f8fc303
3a4caf12ee983c60f6494339cf09c911ca91ab94
61ae220aa64361173b98f23e369f05dba916ec718e8f0ef1d96141be59c22c4c
GET /v/t51.29350-15/306548013_971253094266853_1236565290670814413_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ltZp0NEDkusAX-EUkEm&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAS4VFgd2cok322DS_LzYIhQ4oTKnUuvrjan-YUOW5i8A&oe=637506A7 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 11 Oct 2022 20:10:43 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3847150303
x-needle-checksum: 3720842547
content-digest: adler32=3720842547
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 185986
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/315233207_660840655669557_1995963545106457973_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=PaJZrr0vW6sAX8TbP3I&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAZfsJe6sz5pIlEIbPbwgMma1U2_Rcek55YSl49m5IqQQ&oe=63743799
157.240.11.52200 OK 208 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/315233207_660840655669557_1995963545106457973_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=PaJZrr0vW6sAX8TbP3I&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAZfsJe6sz5pIlEIbPbwgMma1U2_Rcek55YSl49m5IqQQ&oe=63743799
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 208 kB (207907 bytes)
Hash 6f71dd6cdea706e5117d40e16beca687
91c1ade88d830c19b5070a27e3f100e099f3a6fc
18d3291432a772ae1f4a2f1595fe0635143519abec38a718c9c4935c0f532ca2
GET /v/t51.29350-15/315233207_660840655669557_1995963545106457973_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=PaJZrr0vW6sAX8TbP3I&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAZfsJe6sz5pIlEIbPbwgMma1U2_Rcek55YSl49m5IqQQ&oe=63743799 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 11 Nov 2022 19:31:25 GMT
content-type: image/jpeg
x-needle-checksum: 813774553
content-digest: adler32=813774553
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 207907
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/310677727_828593281610845_9080218614421014979_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=jg_HRBEvPNwAX_YdXsk&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAlHkwqY4bZb2Gc1R4bBw3kKsuLgsM-b1K87-Y-HjW1sA&oe=6373E674
157.240.11.52200 OK 158 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/310677727_828593281610845_9080218614421014979_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=jg_HRBEvPNwAX_YdXsk&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAlHkwqY4bZb2Gc1R4bBw3kKsuLgsM-b1K87-Y-HjW1sA&oe=6373E674
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1398, components 3\012- data
Size 158 kB (158452 bytes)
Hash ea5aa2b715ad16fd0a6dc623284e88b9
8ec1a7b98505610119632b3ad7b06dbf23c1c1d8
3a5b68221dada69caafbf6e1043e0fcc890a0728f54dd1440af5108d1c84f0b7
GET /v/t51.29350-15/310677727_828593281610845_9080218614421014979_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=jg_HRBEvPNwAX_YdXsk&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAlHkwqY4bZb2Gc1R4bBw3kKsuLgsM-b1K87-Y-HjW1sA&oe=6373E674 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 07 Oct 2022 19:28:01 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1798137800
x-needle-checksum: 3897703880
content-digest: adler32=3897703880
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 158452
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/301170060_158728580134032_2200603085005982583_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=CrNh6ANnQt8AX9s_L-t&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDenYbG0p9hk3CO_wx7EGgb2E_zKLmNUf-nSIkfq41__g&oe=637537C3
157.240.11.52200 OK 157 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/301170060_158728580134032_2200603085005982583_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=CrNh6ANnQt8AX9s_L-t&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDenYbG0p9hk3CO_wx7EGgb2E_zKLmNUf-nSIkfq41__g&oe=637537C3
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1440, components 3\012- data
Size 157 kB (157134 bytes)
Hash 2dc49b03747606968a03ee50785779b6
ba57971f6f550730274686863130fd7a690268f0
660921f57d5a6f3713fdd9bf49443a9729897c7f1b7e2bcb0b5e85879d574893
GET /v/t51.29350-15/301170060_158728580134032_2200603085005982583_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=CrNh6ANnQt8AX9s_L-t&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDenYbG0p9hk3CO_wx7EGgb2E_zKLmNUf-nSIkfq41__g&oe=637537C3 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-length: 157134
last-modified: Tue, 23 Aug 2022 21:17:46 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 274237657
x-needle-checksum: 2377442156
content-digest: adler32=2377442156
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
x-fb-edge-debug: cyuBo4RBRbggj8P_FH9c_HAop_DPjyK-o6_eZ_SBKYPXgD1-e7uuH76RozXudDpb5WrEI6PsFcopaTMVcdaTTVB3YoDj3qFl1VeSrgnOFA4
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/310385502_159812986734500_8602612017292523824_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=4M5BN0dWujsAX_wUjTo&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAd7UyHT3QX5B8xjWJdpFG5J7ZULaehrKPm6cqzmKOcyQ&oe=6373BD72
157.240.11.52200 OK 170 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/310385502_159812986734500_8602612017292523824_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=4M5BN0dWujsAX_wUjTo&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAd7UyHT3QX5B8xjWJdpFG5J7ZULaehrKPm6cqzmKOcyQ&oe=6373BD72
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 170 kB (170447 bytes)
Hash 9829fd2ff8cee31caaec150e53df5f39
cd947584857eca61e5005468bd31dc3463ec35f3
d2770dba04ecd38eed06b5bd46534d50aa770c82a3f434b26c67d889a6b3b9f1
GET /v/t51.29350-15/310385502_159812986734500_8602612017292523824_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=4M5BN0dWujsAX_wUjTo&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAd7UyHT3QX5B8xjWJdpFG5J7ZULaehrKPm6cqzmKOcyQ&oe=6373BD72 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 05 Oct 2022 14:42:49 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1445489145
x-needle-checksum: 2894602011
content-digest: adler32=2894602011
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 170447
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/306526533_599887558442951_5500288663479174068_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=rzrc6PiCi5wAX83Gun_&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCKizSp7dXZDQyvqdJd03bFCpodWVnhREYoxQ8s-sNUFA&oe=63753CDF
157.240.11.52200 OK 198 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/306526533_599887558442951_5500288663479174068_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=rzrc6PiCi5wAX83Gun_&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCKizSp7dXZDQyvqdJd03bFCpodWVnhREYoxQ8s-sNUFA&oe=63753CDF
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1654, components 3\012- data
Size 198 kB (197557 bytes)
Hash e4162b5fd872a4b5bc3ee106d6d117a4
b081d72b3ec31e8f070bbbf3ee0f8afe15bc38a1
914817411b9ab68f57ccab7599a260e58ed83ce582d5e0e8e4a7ce8bdb773793
GET /v/t51.29350-15/306526533_599887558442951_5500288663479174068_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=rzrc6PiCi5wAX83Gun_&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCKizSp7dXZDQyvqdJd03bFCpodWVnhREYoxQ8s-sNUFA&oe=63753CDF HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 12 Sep 2022 14:05:12 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2829289968
x-needle-checksum: 166541201
content-digest: adler32=166541201
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 197557
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/300789804_1259338031498185_1124642817099460269_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=oZTnhhCM-I8AX8j1I6o&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBVpSpZthFkSmJIbOnNloZPhCqgLYS_lSvPovlx2q5a3g&oe=6373E8B4
157.240.11.52200 OK 202 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/300789804_1259338031498185_1124642817099460269_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=oZTnhhCM-I8AX8j1I6o&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBVpSpZthFkSmJIbOnNloZPhCqgLYS_lSvPovlx2q5a3g&oe=6373E8B4
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 202 kB (201615 bytes)
Hash c92fc39bd69df8cfd5d3305345af60ee
f95e2a00db0a42b46440a28c03093d0a6f502d10
03447d634862d99228d2664b67abfa98c9b306745cc7aa657ffb7a426a587979
GET /v/t51.29350-15/300789804_1259338031498185_1124642817099460269_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=oZTnhhCM-I8AX8j1I6o&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBVpSpZthFkSmJIbOnNloZPhCqgLYS_lSvPovlx2q5a3g&oe=6373E8B4 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 24 Aug 2022 13:26:33 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3896405874
x-needle-checksum: 2261064000
content-digest: adler32=2261064000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 201615
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/301216251_625988522486214_2983376856561994994_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=E0eyMNeQY0oAX8bWxAj&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAZSxWxSyd5S7tHnDpaDNzkjA-frTmRsGKnq8H_p4J-dg&oe=6373D4A7
157.240.11.52200 OK 213 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/301216251_625988522486214_2983376856561994994_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=E0eyMNeQY0oAX8bWxAj&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAZSxWxSyd5S7tHnDpaDNzkjA-frTmRsGKnq8H_p4J-dg&oe=6373D4A7
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1634, components 3\012- data
Size 213 kB (213039 bytes)
Hash 81d9b97b985ee60bcf490f4b988a6ce5
5c4dc4db10040212a06ab4fa289b5e5d184c4e3c
ae9f730910e0fcf836f165e3083b064af526b3587f040fcd08664211afd09a43
GET /v/t51.29350-15/301216251_625988522486214_2983376856561994994_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=E0eyMNeQY0oAX8bWxAj&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAZSxWxSyd5S7tHnDpaDNzkjA-frTmRsGKnq8H_p4J-dg&oe=6373D4A7 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 26 Aug 2022 15:29:13 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 877820345
x-needle-checksum: 4087591883
content-digest: adler32=4087591883
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 213039
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/305861596_5375958055791569_3109963680304759650_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=imUrDhni4wUAX-41yZk&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDqSWEGv8AhDBD62zHqmBhGdA5yEQfQphnuWOZHRcnOlg&oe=6375247A
157.240.11.52200 OK 225 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/305861596_5375958055791569_3109963680304759650_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=imUrDhni4wUAX-41yZk&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDqSWEGv8AhDBD62zHqmBhGdA5yEQfQphnuWOZHRcnOlg&oe=6375247A
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1799, components 3\012- data
Size 225 kB (224845 bytes)
Hash 682b0127bd6b76eef796ba7dd4c1e595
e7d144c40914d43bb9ab0aa1083d15c45fe5be75
3e822f76c0fd0aaa678729fe0f0859cf58ea343efd5aa7bbadaf04fc38bd2b9b
GET /v/t51.29350-15/305861596_5375958055791569_3109963680304759650_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=imUrDhni4wUAX-41yZk&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfDqSWEGv8AhDBD62zHqmBhGdA5yEQfQphnuWOZHRcnOlg&oe=6375247A HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 16:53:34 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3821228671
x-needle-checksum: 1963193120
content-digest: adler32=1963193120
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 224845
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/314078634_610278757448894_6166280551105992440_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=gamvRZEsjZ0AX9a1391&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBw8MTCZWzzvXjyI8j2M1ChgnQj7JVnuGJRHhZgtYW_WQ&oe=6374DD0A
157.240.11.52200 OK 234 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/314078634_610278757448894_6166280551105992440_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=gamvRZEsjZ0AX9a1391&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBw8MTCZWzzvXjyI8j2M1ChgnQj7JVnuGJRHhZgtYW_WQ&oe=6374DD0A
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 234 kB (233643 bytes)
Hash b0cc582e6fa8380d80d9d5f1c028368c
e6514700b83c6f1541013e7bc6cbd49f7318a546
d536518123002a79f7426d81eb2d58de2c35e5ff8eb9906d10a64e7007bb3c12
GET /v/t51.29350-15/314078634_610278757448894_6166280551105992440_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=gamvRZEsjZ0AX9a1391&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBw8MTCZWzzvXjyI8j2M1ChgnQj7JVnuGJRHhZgtYW_WQ&oe=6374DD0A HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
content-length: 233643
last-modified: Thu, 03 Nov 2022 18:15:25 GMT
content-type: image/jpeg
x-needle-checksum: 1510683229
content-digest: adler32=1510683229
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
x-fb-edge-debug: lwki3R6OEJ3ZKpR9dlhn7Nb8osi1bjoF30RYk5dH1QsZrBEcklD15k6IAmjgvPVLRbL6atkqHIMVfjvQhRLsKVtCiSwM0Km9YNW5wD7W3i0
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/301682050_155502160484657_7320330960561079768_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=jhh0N40pQrwAX_jW53E&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAvHbeSwXQSysK2GQcviJF42Gq3Q7u0BdO5sK7inf8zhg&oe=6373D9A5
157.240.11.52200 OK 245 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/301682050_155502160484657_7320330960561079768_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=jhh0N40pQrwAX_jW53E&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAvHbeSwXQSysK2GQcviJF42Gq3Q7u0BdO5sK7inf8zhg&oe=6373D9A5
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 245 kB (244876 bytes)
Hash 34a36520e2eee05610fbce81e0894104
5bed39c784516721371d2a723935175b63a9bcf8
3e44feb38afca1ea04fb9bd4c6fe91b22bba081f5abfe7e9aaeede48d4ea0dcf
GET /v/t51.29350-15/301682050_155502160484657_7320330960561079768_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=jhh0N40pQrwAX_jW53E&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfAvHbeSwXQSysK2GQcviJF42Gq3Q7u0BdO5sK7inf8zhg&oe=6373D9A5 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 29 Aug 2022 17:08:25 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2951492724
x-needle-checksum: 2112175566
content-digest: adler32=2112175566
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 244876
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/300596412_884533689599575_5875559247093252803_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=yQNYyCOv1lYAX8CMEqG&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBn7NLn20DCBUdP_3M_62uJ_TqXhTP78KNdijOYvm9omg&oe=63752AE0
157.240.11.52200 OK 254 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/300596412_884533689599575_5875559247093252803_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=yQNYyCOv1lYAX8CMEqG&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBn7NLn20DCBUdP_3M_62uJ_TqXhTP78KNdijOYvm9omg&oe=63752AE0
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 254 kB (254097 bytes)
Hash b7ca8ad4c3fdf1265ea981f5ca4288e7
d1f5ad34314acb4e958ab324c764b9fee01a88c7
e4b651e03606b7b2f35c900318cbdc0898567fb098bec3b3476a0d48e8d1c577
GET /v/t51.29350-15/300596412_884533689599575_5875559247093252803_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=yQNYyCOv1lYAX8CMEqG&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBn7NLn20DCBUdP_3M_62uJ_TqXhTP78KNdijOYvm9omg&oe=63752AE0 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 03 Oct 2022 18:12:47 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 793175738
x-needle-checksum: 3050823414
content-digest: adler32=3050823414
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 254097
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/307192556_758533345207394_7338411924487469162_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9pQlTzEuoFsAX-PRmzs&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBV1DHUYx791Ygwp2tdIkcbUeGbap1x9aOrViscpdMQwA&oe=6373E9B8
157.240.11.52200 OK 264 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/307192556_758533345207394_7338411924487469162_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9pQlTzEuoFsAX-PRmzs&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBV1DHUYx791Ygwp2tdIkcbUeGbap1x9aOrViscpdMQwA&oe=6373E9B8
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 264 kB (264034 bytes)
Hash 9ebcd444ae51be5073cff34163e8c2f1
f3c4856f282300dadcb140ccc7717e5cab97104b
dbd225f999930a183a67e86c4b5306f75bea640e6cc0569b810bdd254814d3fe
GET /v/t51.29350-15/307192556_758533345207394_7338411924487469162_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=9pQlTzEuoFsAX-PRmzs&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfBV1DHUYx791Ygwp2tdIkcbUeGbap1x9aOrViscpdMQwA&oe=6373E9B8 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 15 Sep 2022 15:00:26 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2649184280
x-needle-checksum: 3122257467
content-digest: adler32=3122257467
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 264034
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/302277234_388670623409427_335952263236735528_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=XU7KcorV_UAAX-4fAE5&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCAoRgqbSZwscUSEZkpsH5BWmGvVxnN65XLEIfTBe5eUQ&oe=6374936E
157.240.11.52200 OK 268 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/302277234_388670623409427_335952263236735528_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=XU7KcorV_UAAX-4fAE5&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCAoRgqbSZwscUSEZkpsH5BWmGvVxnN65XLEIfTBe5eUQ&oe=6374936E
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1800, components 3\012- data
Size 268 kB (268085 bytes)
Hash 652ec16aedbb7ae14cc5319d169126d0
87704b3c1a257fefb784ab8794b2040a60535633
fbad33583044d97de87fadf9ea74e8a5b3ae4315be9d67bcf26a17a13ed61e07
GET /v/t51.29350-15/302277234_388670623409427_335952263236735528_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=XU7KcorV_UAAX-4fAE5&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCAoRgqbSZwscUSEZkpsH5BWmGvVxnN65XLEIfTBe5eUQ&oe=6374936E HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 02 Sep 2022 13:13:55 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2595011370
x-needle-checksum: 3819820886
content-digest: adler32=3819820886
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 268085
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/313041455_683108943236284_4164175902887426679_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=UjsivGzmgBAAX9ezCPc&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfARum0sLzgFM2bpH6AvS3Ulfe7J8Yl7wOFEFm5WumT_zQ&oe=637392A7
157.240.11.52200 OK 280 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/313041455_683108943236284_4164175902887426679_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=UjsivGzmgBAAX9ezCPc&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfARum0sLzgFM2bpH6AvS3Ulfe7J8Yl7wOFEFm5WumT_zQ&oe=637392A7
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1799, components 3\012- data
Size 280 kB (280442 bytes)
Hash dbe881399b345090dc51473cdf008f76
c297bb1952ae88c1999326840100fd87815ce723
362a0cd03a6089a12d8abeee4d2e46b09c58b252403497575a96faa02dd04f70
GET /v/t51.29350-15/313041455_683108943236284_4164175902887426679_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=UjsivGzmgBAAX9ezCPc&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfARum0sLzgFM2bpH6AvS3Ulfe7J8Yl7wOFEFm5WumT_zQ&oe=637392A7 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 28 Oct 2022 18:28:36 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1807456373
x-needle-checksum: 3894393925
content-digest: adler32=3894393925
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 280442
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lax3-2.cdninstagram.com/v/t51.29350-15/311319699_1132178804380817_1451243162524908023_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=DmAdpMoc5KoAX-UUGsE&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCF-dArgXK4zPFB9WAb6q6tvO_RCh1M0TLkfD1a0z5ZLw&oe=6374F6D9
157.240.11.52200 OK 292 kB URL HTTP/2 scontent-lax3-2.cdninstagram.com/v/t51.29350-15/311319699_1132178804380817_1451243162524908023_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=DmAdpMoc5KoAX-UUGsE&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCF-dArgXK4zPFB9WAb6q6tvO_RCh1M0TLkfD1a0z5ZLw&oe=6374F6D9
IP 157.240.11.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1782, components 3\012- data
Size 292 kB (291897 bytes)
Hash f402226cbdc15e844b83772450722914
ac3c6b0ff56f727e847a1c643a8fe916cc32dd13
e05393bb37f9564802509e8c727166c41984e057be1c359cd96549ab87c630d2
GET /v/t51.29350-15/311319699_1132178804380817_1451243162524908023_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=DmAdpMoc5KoAX-UUGsE&_nc_ht=scontent-lax3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AfCF-dArgXK4zPFB9WAb6q6tvO_RCh1M0TLkfD1a0z5ZLw&oe=6374F6D9 HTTP/1.1
Host: scontent-lax3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 13 Oct 2022 18:58:11 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3067977826
x-needle-checksum: 761525713
content-digest: adler32=761525713
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 291897
x-fb-trip-id: 382461245
date: Sat, 12 Nov 2022 19:31:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.163200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.163:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.editmysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Sat, 12 Nov 2022 19:31:33 GMT
expires: Sat, 12 Nov 2022 19:31:33 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:31:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.thehairalcove.com/app/website/square.ico
199.34.228.185200 OK 6.5 kB URL HTTP/1.1 www.thehairalcove.com/app/website/square.ico
IP 199.34.228.185:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert quad9 Sinkholed
GET /app/website/square.ico HTTP/1.1
Host: www.thehairalcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thehairalcove.com/
Cookie: publishedsite-xsrf=eyJpdiI6Im9kWTdpNFpoNmVuSk5reWZKRFVYWXc9PSIsInZhbHVlIjoiM042TW5OVUd6UzVZNVE5R2lIb1lyMVFQU091bFNPdnlKeGtYSlpOUG9TeHR0YXU2cExvNEdNZ0pPRm1sR05vdHlhQ1o3aVpmSHVRTDlUa2xWRHVMR2hrWGFPTnl2eXRkWmc4Y29vS2M4cnhnQzRDU3ZBVGhFajBId09YQXBFYzQiLCJtYWMiOiJlNTVkMmRlYTQwZWY3YThmNTljMzcxNjEzYjNlZGY0MTc0M2Q3ZDdjYmJlY2UyZjhiMzI3YTM5Yzc3YTEzMzIxIn0%3D; XSRF-TOKEN=eyJpdiI6IjA4RWtuOStQQ3RpOVk5OEp0MGxLaGc9PSIsInZhbHVlIjoiallSZHpXcUR3NEJRV1ZyaHN4dzBaYVY4VHVVZ0s4YlBDblMxNFVRc0p5SG01XC9nblRUUHplSnFEa1wvZUZ1YkNuaEpSYXJEeFVoXC9KRWJQMXpPMVF2NHJMU3Y1S0Y0RWNCUGQxZmd3ckhqcndJeTlZQlA1OGlWRTNycGpUYzY0ZVkiLCJtYWMiOiJkNTgyNjNlOTM1YzU0OTNiZWQxNThlZTA3ZjkwNTA0NDMyNjVhMzc4N2U1NTk0ODMxOWZmMTc0OWVhMzczM2ZiIn0%3D; PublishedSiteSession=eyJpdiI6IkpVZ1pZSHg4Y0hCTHRqS3NmaGtkdkE9PSIsInZhbHVlIjoieHo1cys0b3UzRUNXZDV5d3RxTTAzMVwvd3E0ZnlEcml5VmJzajdPWUxKcThod3g1V25wZ3pBc1RyQUh2RlwvYUZVQ3dKejhXaFJqdk41YVY1Y2FFYk9LaGl1b2ZreHF5cTJGWStwaDZpa0JHRG5YRDU5QkdyTXdUbGlkc01VWDNKSiIsIm1hYyI6ImZiYWY2ZmI1MDkyZDQ1YzcwMmZiZGMyNGYxMmI5NTYyYjU3MGQzNWU1NDQ3ZDMyMGViNTFkODk5MWM0ZjI5MWEifQ%3D%3D; websitespring-xsrf=eyJpdiI6IlhrQm1GZFo5dzVYbGc5ZU9BdURqRFE9PSIsInZhbHVlIjoiYVNxS24wUmIwa1NzYTNXNFJxSDFxc0dDVjJRMWxFMzh6SFRjKzhUR1lzeldocjJHSDNlaDMwcVNRR0ViZHRPcWhlNlwvc3Q1VGxtd1U2d0hxS1R2aVlKWTc4Q2grZWw4cGtPN1RBWjdia1wvdTFVVGhHbFlKbFFoYkg5ME9cL2JRUWYiLCJtYWMiOiI4Njc1YzEyNWEzNjQ4NDY2MDE0OTY3OTEzOGJlMDRiNmI2N2Q0MGRjYzliNTg5NGE1NmMzYmZiZjJiYTI3OTk5In0%3D; _snow_ses.f4d9=*; _snow_id.f4d9=fcfc75ba-743b-4a8d-a166-e96eb6946959.1668281489.1.1668281489.1668281489.e922023a-5b7f-47ab-b47e-b01ec306bb9d; square-sync-csrf=eyJpdiI6ImRLMnA1aHVIMFJOaTVEeFwvbTNRUFR3PT0iLCJ2YWx1ZSI6IlwvNTg1N3VwNXY1NlplcVAwRmQzVktFWCt1RFVSRTVMb2ZwcnFpQmtvU3pONTF5TDZHK1wvVnJEdm5mUUNWSUxidEFydHdwVlhXZ3FBUm03QW5TNk5LZ25xdGRaZm1aYTU0MllwZGtrcVVJaFBcL3g1S3ZOdjRHSDFRanA1OVwvUTNjSCIsIm1hYyI6ImJiZTQzMWVlM2E2NWIyNGQzZDdiZDY3N2EwZjQxMzNhNmYzN2E4ZmRjMGU4MmVlODEzNzk1NmEwYzIxM2Q2Y2UifQ%3D%3D; square-sync_session=eyJpdiI6IjFZWjJ0ZzBYblc4cmFVcFppSDJlQ1E9PSIsInZhbHVlIjoiTmFjTWFRVmVmRkNha2JVYXhkbjFKanY0V25CYkFoejhua1lsYncwMzF6emNZa1BzMzRYaG9jVUxsTUFcL1YyYmxoY1MxYnpLdUIwVDZkM1pFUER5M3dpUjlpMU9rdldCUzNTekliNlNGUm14c0tKcE92NDc1QThiRWFaMFpNSUJhIiwibWFjIjoiM2U1MjhmYmI2YjA1OWFlZWNkMTliNTU5ZWJmNmQ1NDM4MWVhMWNhNzNlYjkyYmY3NmIzODlmMjhiOTA4ZjAxOCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 12 Nov 2022 19:31:33 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001ac6ae5-00628473fa-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu66.sf2p.intern.weebly.net
X-Revision: 413ba75a29d332c4bd3f3593b6905d7bbfa563ef
X-Request-ID: cd72fa7c6f3185fc076aae86eea98569