merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
13.107.237.53 302 Found 0 B URL HTTP/1.1 merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558 HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
X-Azure-Ref: 0Ai0nZAAAAABOYvqE4kZhSZfJyi6sUuyGQ1BIMzBFREdFMDQxMwBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
Date: Fri, 31 Mar 2023 18:57:05 GMT
Content-Length: 0
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12951
Expires: Fri, 31 Mar 2023 22:32:57 GMT
Date: Fri, 31 Mar 2023 18:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9933
Expires: Fri, 31 Mar 2023 21:42:39 GMT
Date: Fri, 31 Mar 2023 18:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4492
Expires: Fri, 31 Mar 2023 20:11:58 GMT
Date: Fri, 31 Mar 2023 18:57:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 18:28:25 GMT
content-type: application/json
age: 1721
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cdH1t/RE6LCbB/BTpeTaeohp82fpvCsGk79C63tNyfUoCCj9L0xWiH+uy5GXptiwA3Z4jVzOeE8=
x-amz-request-id: VVSF6TWY9Q9P99QP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 18:03:26 GMT
age: 3220
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 18:57:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash 89403d2634ef51fc8db83d9f6fafd823
86bd49d15156418baa7b89786578cc766910ba2d
e484b8a447c7d8203b2f06f4a989321a84fd0ad99e7bca15956b2c37864e687d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:57:06 GMT
Server: ECAcc (amb/6AC3)
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 18:14:39 GMT
age: 2548
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b3df8c73360b4239af64e11f9d2388be
dc5463ff26615b40e4eab388052790d6c30ea5e6
877b23d16abf2e0e9f649f53747e82af0b75e8595abd71728254e612847cfdb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "877B23D16ABF2E0E9F649F53747E82AF0B75E8595ABD71728254E612847CFDB6"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17523
Expires: Fri, 31 Mar 2023 23:49:10 GMT
Date: Fri, 31 Mar 2023 18:57:07 GMT
Connection: keep-alive
merchant.securely.us/assets/logos/Securely-VerticalLogo-RGB.svg
13.107.238.53 200 OK 8.2 kB URL HTTP/2 merchant.securely.us/assets/logos/Securely-VerticalLogo-RGB.svg
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image; HTML document, ASCII text, with very long lines (8176), with no line terminators
Hash 773eadbea5928f36cfd5e00a550daeb2
7a80a490bd714d9477c6b24cd93aa462b4f94bf3
43f96ad5783fba2a4b15e4ac3e5a39f4abf0ea75f0bf6f6645fd043ce0977d72
Analyzer Verdict Alert fortinet Phishing
GET /assets/logos/Securely-VerticalLogo-RGB.svg HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-length: 8176
content-type: image/svg+xml
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAB/T5pxj0fQQaArTOKaJN6bRlJBMjMxMDUwNDE3MDA5AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAADW9CiiKgH1R68EzRQW+tXwQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2
merchant.securely.us/Inter-Regular.d9c0f26157d26d70.woff2
13.107.238.53 200 OK 99 kB URL HTTP/2 merchant.securely.us/Inter-Regular.d9c0f26157d26d70.woff2
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 98888, version 1.0; data
Hash 11c5c6e58b259aeae260719950964fe1
e590efe6104bf378522ce0dfeaa9223c19c3e249
3d9f7e18c52f0fa73581e86ca63beba8fcb5eb5cf770661a5fd6e4e00aaed747
Analyzer Verdict Alert fortinet Phishing
GET /Inter-Regular.d9c0f26157d26d70.woff2 HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 98888
content-type: font/woff2
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAC10tAKhB11RKP3cFaacPZKRlJBMjMxMDUwNDE4MDUxAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAC+0fq6UMN8ToO26uREvAgPQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.83.98.99 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.98.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nP3rwiV8ThGRbqN4DyJQXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DGX+/R0b7u28xBT5kzYOs7l6avQ=
merchant.securely.us/src/assets/favicons/android-chrome-512x512.png
13.107.238.53 404 Not Found 14 kB URL HTTP/2 merchant.securely.us/src/assets/favicons/android-chrome-512x512.png
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (5843)
Hash e3238b021b498580e3636f34aad37357
1579c2de3f40e592f8074050b26a71a393c32a7b
b666b978e2499f9f04ac5b2ec579e055134be152bd71b2808c1133d7bd40603e
GET /src/assets/favicons/android-chrome-512x512.png HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
content-length: 14158
content-type: text/html
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAA9az4VCsW1R7MrTjSUB/5LRlJBMjMxMDUwNDE3MDM3AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAB0MxCXRYesRrEcYjgx49ewQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2
merchant.securely.us/favicon.ico
13.107.238.53 200 OK 15 kB URL HTTP/2 merchant.securely.us/favicon.ico
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel; data
Hash 09b525a8ce51d3a244db1ac972cc8247
dabf3272200b30871931f9201908577e91f4288d
e19422bc8f68a431bfdbc9d8e3886f1a694f9ae3037d1ff538314125ad194576
GET /favicon.ico HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 15406
content-type: image/vnd.microsoft.icon
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAABsgQ1RIJXjSYm1zqL2BYh4RlJBMjMxMDUwNDE3MDIxAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAACyEV1dVX+9TY7eiQ+cBfk6Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2
api.securely.us/monolith-api/application/features
20.109.225.46 200 OK 1.2 kB URL HTTP/1.1 api.securely.us/monolith-api/application/features
IP 20.109.225.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data, ASCII text, with very long lines (1206), with no line terminators
Hash 93c4d5e596b492279ccc3ea7378714e6
1cd87bea8bf5c8c809a2fb137038d23d3e6cdf64
2bf8ba292e69d33b277dd7542f8f9752f143fa140caaa3dedd49fe6ed2dbbde7
Analyzer Verdict Alert fortinet Phishing
GET /monolith-api/application/features HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 18:57:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1206
Connection: keep-alive
Access-Control-Allow-Origin: *
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 18:57:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 41f0baa1423dbd529f6c47bd51fe708f
f09b44f30b63f5e29dd247f592147ffc6b308e72
313b769259453565919ab14410faea927a23ad75636abc57851dfe67d43ea156
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4370
x-amzn-requestid: 5791c184-d5eb-4666-bc94-f838cd0183af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllHrcIAMFSWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-15fb3d2f67359d6837df5d0d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: SutOql3FzsHZoFN5TXMJZ1NZzBplZK1w0zNIzAN1rUQ2cKeSrCiA6w==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 76158
etag: "f09b44f30b63f5e29dd247f592147ffc6b308e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:48:08 GMT
age: 76140
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
merchant.securely.us/main.af2f67b177d8bc1b.js
13.107.238.53 200 OK 341 kB URL HTTP/2 merchant.securely.us/main.af2f67b177d8bc1b.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 341 kB (341271 bytes)
Hash 033738f734475152f734ff37b7c6614f
fc5adc6d630426cf13248dfdad240a588a41fbc6
201caf049fa042e46f0ea3e14deb7476374ac7521a33ecfb57d18b15cb6fcb1e
Analyzer Verdict Alert fortinet Phishing
GET /main.af2f67b177d8bc1b.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAADIrqC6xeRBQY9+KADAPFkrRlJBMjMxMDUwNDE4MDM1AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAABYImb8PnpvTK4qKP1/QSvSQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 76158
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: WnrfQr57EWYnXt1xJt9tr5XCuM3gPYULlDdEVpv2Q2kz7MDIPxSPKA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 76158
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jl5cQc_Zqq5xNDMcs5jRHb3HBIjuucl-JHF126hInXrOfv_CG-UqSg==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:18:02 GMT
age: 74346
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.securely.us/monolith-api/application/features
20.109.225.46 200 OK 1.2 kB URL HTTP/1.1 api.securely.us/monolith-api/application/features
IP 20.109.225.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1206), with no line terminators
Hash 93c4d5e596b492279ccc3ea7378714e6
1cd87bea8bf5c8c809a2fb137038d23d3e6cdf64
2bf8ba292e69d33b277dd7542f8f9752f143fa140caaa3dedd49fe6ed2dbbde7
Analyzer Verdict Alert fortinet Phishing
GET /monolith-api/application/features HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 18:57:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1206
Connection: keep-alive
Access-Control-Allow-Origin: *
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42
api.securely.us/eapi-authentication/auth/validation/verify/login
20.109.225.46 200 OK 0 B URL HTTP/1.1 api.securely.us/eapi-authentication/auth/validation/verify/login
IP 20.109.225.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /eapi-authentication/auth/validation/verify/login HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 18:57:09 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42
merchant.securely.us/common.11655c439a8aab52.js
13.107.238.53 200 OK 119 kB URL HTTP/2 merchant.securely.us/common.11655c439a8aab52.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (48387), with no line terminators
Size 119 kB (118886 bytes)
Hash 7bdd1259bc24321045407505f4661746
6cf766a1ae3fd031eeaee61bb44c0621032fe24e
f140b687b9e03da985c3954603adafad1bd1d7f4032e9aea6d50238e75851f86
Analyzer Verdict Alert fortinet Phishing
GET /common.11655c439a8aab52.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0BC0nZAAAAADNCjxKqv2KQqZxEbFVF2aMRlJBMjMxMDUwNDE4MDUzAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0BC0nZAAAAACkgsgwhfmnRLF3GV9sKIYyQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2
api.securely.us/eapi-authentication/auth/validation/verify/login
20.109.225.46 400 Bad Request 225 B URL HTTP/1.1 api.securely.us/eapi-authentication/auth/validation/verify/login
IP 20.109.225.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 5e153a0e7422e6b4bffc2e7513fd78d5
1d627020fee63d431cbc10a2ea42ed228d3b591f
cd85e78709081c88b70d75d3a3a5c039c500a7f23418ba512582c8a4d34ee7c0
Analyzer Verdict Alert fortinet Phishing
POST /eapi-authentication/auth/validation/verify/login HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 93
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 400 Bad Request
Date: Fri, 31 Mar 2023 18:57:09 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42
Access-Control-Allow-Origin: *
merchant.securely.us/8510.a8945f8e8b18bcfb.js
13.107.238.53 200 OK 0 B URL HTTP/2 merchant.securely.us/8510.a8945f8e8b18bcfb.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert fortinet Phishing
GET /8510.a8945f8e8b18bcfb.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0BC0nZAAAAAD4WnYfsqcER5pYv1Y/cdMBRlJBMjMxMDUwNDE3MDExAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0BC0nZAAAAAAXR9zH1JijRIIr7skMKzO6Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2
merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
13.107.238.53 200 OK 0 B URL HTTP/2 merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558 HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-cache
content-type: text/html
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ai0nZAAAAABXjWA7gB/aT5HKiPYJbQL9RlJBMjMxMDUwNDE4MDM3AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ai0nZAAAAABHXYGqTy3pSJz8g1bMLc4gQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2
merchant.securely.us/131.619a1eadfc49998d.js
13.107.238.53 200 OK 0 B URL HTTP/2 merchant.securely.us/131.619a1eadfc49998d.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert fortinet Phishing
GET /131.619a1eadfc49998d.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0BC0nZAAAAABi1/mO+cU3Qq7GfdQrduTlRlJBMjMxMDUwNDE4MDE3AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0BC0nZAAAAACyYRK20vKGR6Fy3tjyPnc+Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2
merchant.securely.us/polyfills.780d73d063d08ee8.js
13.107.238.53 200 OK 0 B URL HTTP/2 merchant.securely.us/polyfills.780d73d063d08ee8.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert fortinet Phishing
GET /polyfills.780d73d063d08ee8.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAACjH7D529zqQKiPaDBN3yDnRlJBMjMxMDUwNDE3MDM1AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAADQYrbnkwK4SK18VcTLHWp2Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2
merchant.securely.us/runtime.9a28a6c42956fe47.js
13.107.238.53 200 OK 0 B URL HTTP/2 merchant.securely.us/runtime.9a28a6c42956fe47.js
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert fortinet Phishing
GET /runtime.9a28a6c42956fe47.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAAMFkm8CTdbRLdLafHaqrumRlJBMjMxMDUwNDE4MDE5AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAAQ3rRavwUHQYEPiDrcKJ1lQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2
merchant.securely.us/styles.9db2459e8af142a0.css
13.107.238.53 200 OK 0 B URL HTTP/2 merchant.securely.us/styles.9db2459e8af142a0.css
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /styles.9db2459e8af142a0.css HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/css
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAADczxvFV1y5QaWRln4JvSPHRlJBMjMxMDUwNDE3MDIzAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAC3MfMqLD2MT5w57FkVrFhjQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2