r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10198
Expires: Tue, 20 Dec 2022 22:09:50 GMT
Date: Tue, 20 Dec 2022 19:19:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04c14564c7083355371e41c5a09acada
ea488e34661be5420c798c7e26f193b4dee7bb37
d7e5c37d8e6cbed236670d050f84f288539642f7a41a54b0abd39357f7c42232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E5C37D8E6CBED236670D050F84F288539642F7A41A54B0ABD39357F7C42232"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7375
Expires: Tue, 20 Dec 2022 21:22:47 GMT
Date: Tue, 20 Dec 2022 19:19:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Tue, 20 Dec 2022 21:20:17 GMT
Date: Tue, 20 Dec 2022 19:19:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 18:34:27 GMT
content-type: application/json
age: 2725
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: grGNnfDnWXUn6Q7S723Y9jsgb9r4B2Wp+7iggMmNfu4x4GJx5Ymlslt8Yob6DnEDiTal6QBttM8=
x-amz-request-id: VXW6V9Z9R9S73CQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 18:55:05 GMT
age: 1487
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 19:19:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash f89773dbbc1dcd69413231f616540369
7c80f4b8122afc8fe2ee1a8a94b2fc78d929f744
3195910868d6c5c99c10256d063a5dacb1be5387b36e7b99661b66c188baebdc
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "3195910868D6C5C99C10256D063A5DACB1BE5387B36E7B99661B66C188BAEBDC"
Last-Modified: Tue, 20 Dec 2022 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3583
Expires: Tue, 20 Dec 2022 20:19:36 GMT
Date: Tue, 20 Dec 2022 19:19:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 18:33:24 GMT
age: 2789
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c2b6760f2b58f445446dd2276d5af4
aeedf417b1ebde86ce837ca02ba934abb938b1a4
8fe72d0ce839150559da5ddf46bf87d26b6b9cbe34d09641b29a53be24997c81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 19:19:53 GMT
Last-Modified: Tue, 20 Dec 2022 17:33:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
att-103619.square.site/
199.34.228.39200 OK 8.9 kB IP 199.34.228.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19615)
Hash 02f05ad35fd4893fe9adcfd8ac1ce430
ff982fabc904803c9969db35357492a817a35e5b
8d259c7cf9da881c9e241e6ab3cc5a4bbb6a5185c308f2277c3da5692d0988a1
Analyzer Verdict Alert openphish AT&T Inc.
GET / HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Tue, 20 Dec 2022 19:19:53 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; expires=Tue, 03-Jan-2023 19:19:53 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ%3D%3D; expires=Tue, 03-Jan-2023 19:19:53 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; expires=Tue, 03-Jan-2023 19:19:53 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn135.sf2p.intern.weebly.net
X-Revision: a39cdda500970c491f87798f46893a9fb788971c
X-Request-ID: aaf24f4bc8a37ed09f9e5798dab9b50c
Content-Encoding: gzip
push.services.mozilla.com/
44.237.93.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hB4RfBFKfjQ0GfEiCQDraA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: luRtc+wDt7lXInywZbgD+pseL0E=
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash e6a74a985d3ac4a8ecdec584cbb3d5b0
bfe49c5a45d3cd01faf282a2fed8328c9b8dfce3
754054d20d623e45ead65d663980f22bba85b0e363aa96a6523abfc30233d6f6
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 19:19:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "39E45AA819B81A7CA560329D751D3D2901655891"
Expires: Wed, 21 Dec 2022 07:00:00 GMT
Last-Modified: Tue, 20 Dec 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 18
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77cabb71b877b506-OSL
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.129.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.129.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-103619.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 07 Dec 2022 20:12:37 GMT
etag: "6390f3b5-124fe"
expires: Thu, 22 Dec 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn97.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 20 Dec 2022 19:19:53 GMT
age: 1075272
x-served-by: cache-sjc10061-SJC, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 9667
x-timer: S1671563994.895792,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 21a5eac5f3bcaeb11141588404483a6d
08540bede2d02da5f969e0350123845d222cfe3a
4914736002dd79a1bf28c4c3dd7bace7865ba9fb565f36ee43e4af97420cea9b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168379
Date: Tue, 20 Dec 2022 19:19:54 GMT
Etag: "63a1f425-1d7"
Expires: Thu, 22 Dec 2022 18:06:13 GMT
Last-Modified: Tue, 20 Dec 2022 17:43:01 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S3LybX5kqohagTJwmUWE-MtjfYyCUydl1Taxs1AA2h9wSY3fWjr6Pw==
Age: 1393
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e0e44c022080930136affc9fa6d8ec6f
f1772bbe9fc01d61b1f18ec06519d465702d51a8
2c37db83c3fb7d0e4970099e594fa1bccd39a8d58138c29bf02898c2cce53e7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Dec 2022 19:19:54 GMT
Last-Modified: Tue, 20 Dec 2022 17:33:02 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DfsA3veNWMQbrvuH5F_VLl1bM2kV1sD9yuYI7kEZHaUhISekS_v7Uw==
Age: 6412
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.232.197.188200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.232.197.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://att-103619.square.site/
Origin: https://att-103619.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 19:19:54 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://att-103619.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.232.197.188200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.232.197.188:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1988
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 19:19:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Wed, 20 Dec 2023 19:19:54 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://att-103619.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://att-103619.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://att-103619.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 19:19:54 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://att-103619.square.site
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Tue, 20 Dec 2022 19:58:59 GMT
Date: Tue, 20 Dec 2022 19:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Tue, 20 Dec 2022 19:58:59 GMT
Date: Tue, 20 Dec 2022 19:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Tue, 20 Dec 2022 19:58:59 GMT
Date: Tue, 20 Dec 2022 19:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Tue, 20 Dec 2022 19:58:59 GMT
Date: Tue, 20 Dec 2022 19:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Tue, 20 Dec 2022 19:58:59 GMT
Date: Tue, 20 Dec 2022 19:19:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49a98c00b1949e152b5f31c588a76a63
1315068dfd111f24e39d14434c719ef10328bfbf
6f67099495261e1114eeca46d2afd3c0bc6921fbc20a6e3e78c4af5d1c9edbc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9593
x-amzn-requestid: 3a50abdf-4974-4f53-bdc6-5c15a84fea65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da6rNHYQoAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b14-40a012f068ef226f07b54875;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:08:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _0MpwiIILMLLAXutPvNrycEQypsLabZiiSEUKOWJnGWz5Q4gYsxcow==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:33:12 GMT
age: 64003
etag: "1315068dfd111f24e39d14434c719ef10328bfbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bba7c67bdc57d1fe2870ebd4ee9fd5c9
127850560e258665ca8074757c1b66f680d2bd78
9edd765e65644edfe4221352225cb89ebe98fa451d9528b8b614d594a20e100d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: d84f905b-7faf-409a-b188-4b8cf06b9e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4KJGx9oAMFrQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a1070d-43152d9651bcb4a15ffe1cfa;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:51:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: uGYoskcC2ev3JFxsBZGglmBiCCWmjo5Xg2zqe5925zArdzRk5QtuTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:24:18 GMT
age: 64537
etag: "127850560e258665ca8074757c1b66f680d2bd78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 045f016fb66e6e0d1da1fb742d9b19a7
8f98bf2cedfccfce71464a733e2fd37482fd71c2
593cf38d1c2c315ff23fcda60e41141caa0266874f36a0c517554ca01ea51f12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9216
x-amzn-requestid: 460a95bf-5724-4bea-b6c1-f6ce263da5e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabq8FXboAMFwCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d979-70340469247cdcf952a98c3e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7yYJKslDn22-iL_OH_VIiZdrTMJ-9c-DyORpGZ4d2MZLDoX5PpekRw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:32 GMT
age: 77483
etag: "8f98bf2cedfccfce71464a733e2fd37482fd71c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFtrPmVeBdwlINxF0wQq0671EksYsi6nsyFd5E4SCSH4_bQyGaNQHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:36 GMT
age: 77479
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:37:07 GMT
age: 78168
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5da803c751be159f0f5b3c2f65bd2b6
39139480cfc2ed0781b51745bfaabed4490aa0db
920ee464843101c638327866fbfcc9c7f00fc19b7cdbc8948fbe53d2b6fb4ed3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 668c95f2-a1b1-4abd-9f4e-23d05c4998a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da270EFlIAMFR5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10518-56d6db4f4cff1b4e08b87046;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Hy6G0TSJc89Fyo8X3mLQ4nY4Y-2Xva9gqcLLAZH_T61Kk-6cMmhqQQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:39 GMT
age: 65476
etag: "39139480cfc2ed0781b51745bfaabed4490aa0db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.39200 OK 894 B URL HTTP/1.1 att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash 5b1fb0ca173c8231fd42d32944fd0ac8
3ed43e7b4cc3da5dedf2396cb7d14217ad481ea9
fe6f4880585507c8dc99e708f36614cae3794c2eadd482ec65bb5cb6e507cd87
Analyzer Verdict Alert openphish AT&T Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ==
Content-Length: 78
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564001.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 19:19:54 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn32.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
att-103619.square.site/uploads/b/58fa2740-7fba-11ed-ae12-198311300a5c/icon_180x180_ios_Njg0Mz.png?width=180
199.34.228.39200 OK 430 B URL HTTP/1.1 att-103619.square.site/uploads/b/58fa2740-7fba-11ed-ae12-198311300a5c/icon_180x180_ios_Njg0Mz.png?width=180
IP 199.34.228.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0d3f90665a06a15d0ca6561e3c7ef0a9
afc38974ed273115fd12010994f07b07beaa50e8
6f7b14a837b1929d6bd6b25b86bde6e04cc55b4b9b93143708850934ec72dcd1
Analyzer Verdict Alert openphish AT&T Inc.
GET /uploads/b/58fa2740-7fba-11ed-ae12-198311300a5c/icon_180x180_ios_Njg0Mz.png?width=180 HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564001.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 19:19:55 GMT
Content-Type: image/webp
Content-Length: 430
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "Ynk6ou6EgBjzoue4ZPldWcvwsqFGjCxpFlQFLAnj1m8"
Fastly-Io-Info: ifsz=801 idim=180x180 ifmt=png ofsz=430 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000004bd5df9e-0063a13f4a-c67eadd-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z29a6
X-Storage-Object: 29a64f2c19f34613f387013fc2222357ab5933decd63b53f10c97d426b9acb22
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10029-SJC, cache-pao17474-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1671563995.387086,VS0,VE32
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn152.sf2p.intern.weebly.net
att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.39200 OK 201 B URL HTTP/1.1 att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish AT&T Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-XSRF-TOKEN: eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ==
Content-Length: 83
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564001.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 19:19:55 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu96.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
att-103619.square.site/app/website/cms/api/v1/users/144235723/customers/coordinates
199.34.228.39200 OK 70 B URL HTTP/1.1 att-103619.square.site/app/website/cms/api/v1/users/144235723/customers/coordinates
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0202fec5c18173b1ccef517d7a8fb076
ed3c42952ab998b5f8f4570735caccb08bbbfbba
a496539bedf56d084f7654fb244367daf638da6ab09f7812b81c743baa995e26
Analyzer Verdict Alert openphish AT&T Inc.
GET /app/website/cms/api/v1/users/144235723/customers/coordinates HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ==
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564001.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Tue, 20 Dec 2022 19:19:55 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IlhwSWk3bkhrUGRuRkpZVXNWSlJcL0p3PT0iLCJ2YWx1ZSI6IkpmNXJOZnNka3o1VURGVkx5azFYa3lJbGNEN2tUWEFOZEFRMGxtOEdzTERCNVdFYk5HQW1iTnZsTmhIQnpHdVRvSFBhYURkdFlrbFI0TGJ3enRHNkJNaktDZUV2WWJHMzQ2S2czZFZcLzhuNExqYVwvMnBzdjVjTFBpcyt4Zmd3SmMiLCJtYWMiOiI4MmQ3Njk2Zjc2MGU4OWYwNzE3ZGQzMjE0YWFiMTFiZTc5OTc4ZWViNjE3ZWY1OTNhZWViY2UzZTcwMDUyNWMwIn0%3D; expires=Tue, 03-Jan-2023 19:19:55 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ%3D%3D; expires=Tue, 03-Jan-2023 19:19:55 GMT; Max-Age=1209600; path=/
X-Host: blu75.sf2p.intern.weebly.net
X-Revision: a39cdda500970c491f87798f46893a9fb788971c
X-Request-ID: 5e903328a0d3e321dfc665ba94c2be77
Content-Encoding: gzip
cdn5.editmysite.com/app/store/api/v23/editor/users/144235723/sites/120448856856899326/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.65.46200 OK 1.4 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/144235723/sites/120448856856899326/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.65.46:0
File type JSON data\012- , ASCII text, with very long lines (3794), with no line terminators
Hash f09131707c7d46769b65157a54e8591a
3d3f1c334699f70c55316218d514f4e1220b2871
12724ce0f6bc09424ac9f3bb7503c4013c35e2c6d6ed5490afd1fbf4cff5caa6
GET /app/store/api/v23/editor/users/144235723/sites/120448856856899326/store-locations?page=1&per_page=100&include=address,free_fulfillment_conditions&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"f8a611964acdde106c617b2cd75c2946"
access-control-allow-methods: GET, HEAD
fullcache: h
x-revision: 76c8048908df9b148c15faf5f59be421f0436a80
x-request-id: fd21fba11a6e497da38290de9913e419
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Tue, 20 Dec 2022 19:19:55 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1671563996.577200,VS0,VE195
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1356
X-Firefox-Spdy: h2
att-103619.square.site/square.ico
199.34.228.39200 OK 6.5 kB URL HTTP/1.1 att-103619.square.site/square.ico
IP 199.34.228.39:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
GET /square.ico HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6ImttWEV2dHE5eVJmNDBYSU9zRXBEeWc9PSIsInZhbHVlIjoick42ajFHZUZnbWp6cUtjaHExR1VzM0c3TlEyV0FIbVE1RTB6TUR4NHVaM1wvS3l4U1ZIczIrWEd3Y20wQ3c2c2tTc3Nld1RFV3EzUEo3U1wvaVh4cGhBM015Rmc3RE83cU54eVE3djBncTdVaDJLWjdGdkM3T0xZTThGdXI4RmJyRyIsIm1hYyI6IjM4N2VmZGJkMmQwNmY2Y2QzODUxNzM4YTE4MTdhYTg3YzMwZTE3NTY3ZjI5NGZjM2JhZjAxOTNiZGZmNjFjODkifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564001.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 19:19:55 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001a88764-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu66.sf2p.intern.weebly.net
X-Revision: a39cdda500970c491f87798f46893a9fb788971c
X-Request-ID: fbe4e310efcca5c5b8f3d281ee374dba
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.232.197.188200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.232.197.188:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2428
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 19:19:55 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Wed, 20 Dec 2023 19:19:55 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://att-103619.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3bd4cfbb7fdabaa48e85c5c95dc35823
5afc028d0f57cfb3bc4de9d95078ed49fc2356c0
06180e16da621757ffea8077fa94ea55a96ddb3242ac792fc335b34db91214aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3832
Cache-Control: max-age=134436
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 19:19:56 GMT
Etag: "63a16608-1d7"
Expires: Thu, 22 Dec 2022 08:40:32 GMT
Last-Modified: Tue, 20 Dec 2022 07:36:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.232.197.188200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.232.197.188:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1886
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 19:19:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Wed, 20 Dec 2023 19:19:56 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://att-103619.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
att-103619.square.site/uploads/b/5f0012c955871584dea0a022acba29ce622e4b3b5ddd92f527d1ee30f91a09ec/AT_26T_2016_1671467498.png?width=400
199.34.228.39200 OK 7.4 kB URL HTTP/1.1 att-103619.square.site/uploads/b/5f0012c955871584dea0a022acba29ce622e4b3b5ddd92f527d1ee30f91a09ec/AT_26T_2016_1671467498.png?width=400
IP 199.34.228.39:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 785c02cb7f63e695037bfae92a877929
22878e4eb0deda663c1897192dc270f3c4e73995
f40189a4e9ca0b87d4acee85ecc6baaf9141685efdf561760adb56b3bbccac0c
Analyzer Verdict Alert openphish AT&T Inc.
GET /uploads/b/5f0012c955871584dea0a022acba29ce622e4b3b5ddd92f527d1ee30f91a09ec/AT_26T_2016_1671467498.png?width=400 HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564003.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393; websitespring-xsrf=eyJpdiI6IlhwSWk3bkhrUGRuRkpZVXNWSlJcL0p3PT0iLCJ2YWx1ZSI6IkpmNXJOZnNka3o1VURGVkx5azFYa3lJbGNEN2tUWEFOZEFRMGxtOEdzTERCNVdFYk5HQW1iTnZsTmhIQnpHdVRvSFBhYURkdFlrbFI0TGJ3enRHNkJNaktDZUV2WWJHMzQ2S2czZFZcLzhuNExqYVwvMnBzdjVjTFBpcyt4Zmd3SmMiLCJtYWMiOiI4MmQ3Njk2Zjc2MGU4OWYwNzE3ZGQzMjE0YWFiMTFiZTc5OTc4ZWViNjE3ZWY1OTNhZWViY2UzZTcwMDUyNWMwIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 19:19:56 GMT
Content-Type: image/webp
Content-Length: 7376
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "N9r3XrSVuhg1WZ9ASVuu8X85aJaIgEo3uk9qxLP3FpA"
Fastly-Io-Info: ifsz=15511 idim=340x140 ifmt=png ofsz=7376 odim=340x140 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000004c8c06b6-0063a091eb-c695612-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zedb4
X-Storage-Object: edb4ae45525c2778deb0383efb06f048d4ef827b6d8a9b9533929dc144943c0e
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 236
X-Served-By: cache-sjc10037-SJC, cache-pao17474-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1671563996.362918,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn152.sf2p.intern.weebly.net
att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.39200 OK 182 B URL HTTP/1.1 att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish AT&T Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ==
Content-Length: 89
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564003.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393; websitespring-xsrf=eyJpdiI6IlhwSWk3bkhrUGRuRkpZVXNWSlJcL0p3PT0iLCJ2YWx1ZSI6IkpmNXJOZnNka3o1VURGVkx5azFYa3lJbGNEN2tUWEFOZEFRMGxtOEdzTERCNVdFYk5HQW1iTnZsTmhIQnpHdVRvSFBhYURkdFlrbFI0TGJ3enRHNkJNaktDZUV2WWJHMzQ2S2czZFZcLzhuNExqYVwvMnBzdjVjTFBpcyt4Zmd3SmMiLCJtYWMiOiI4MmQ3Njk2Zjc2MGU4OWYwNzE3ZGQzMjE0YWFiMTFiZTc5OTc4ZWViNjE3ZWY1OTNhZWViY2UzZTcwMDUyNWMwIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 19:19:56 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu32.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-a39cdda&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=7f40b51c-f3c9-4cb2-ad10-b6ddedf83d54&batch_time=1671564002846
3.233.153.140202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-a39cdda&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=7f40b51c-f3c9-4cb2-ad10-b6ddedf83d54&batch_time=1671564002846
IP 3.233.153.140:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e099ea69e6a1904e5363853404778092
94047dde941d6b5099544e950483845e7735c488
9ef71c399cfafc2725280b6bb1a5172600eb8e6c467ee0b2dd6815ee1d9062c8
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-a39cdda&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=7f40b51c-f3c9-4cb2-ad10-b6ddedf83d54&batch_time=1671564002846 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16067
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Tue, 20 Dec 2022 19:19:56 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-a39cdda&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=29603f64-b85a-4c32-bad0-ebd07b0beaab&batch_time=1671564002997
3.233.153.140202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-a39cdda&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=29603f64-b85a-4c32-bad0-ebd07b0beaab&batch_time=1671564002997
IP 3.233.153.140:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7847135563aebc24610859be25e5191b
b034cec5a5d1a80c42a11dca7ca111f624233038
24b87d5b15738e950f5d97b1d3e92d800ec5eff7ad979ffd8dee1eaeea452a71
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-a39cdda&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=29603f64-b85a-4c32-bad0-ebd07b0beaab&batch_time=1671564002997 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16367
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Tue, 20 Dec 2022 19:19:56 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
att-103619.square.site/app/website/square.ico
199.34.228.39200 OK 6.5 kB URL HTTP/1.1 att-103619.square.site/app/website/square.ico
IP 199.34.228.39:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
GET /app/website/square.ico HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564003.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393; websitespring-xsrf=eyJpdiI6IlhwSWk3bkhrUGRuRkpZVXNWSlJcL0p3PT0iLCJ2YWx1ZSI6IkpmNXJOZnNka3o1VURGVkx5azFYa3lJbGNEN2tUWEFOZEFRMGxtOEdzTERCNVdFYk5HQW1iTnZsTmhIQnpHdVRvSFBhYURkdFlrbFI0TGJ3enRHNkJNaktDZUV2WWJHMzQ2S2czZFZcLzhuNExqYVwvMnBzdjVjTFBpcyt4Zmd3SmMiLCJtYWMiOiI4MmQ3Njk2Zjc2MGU4OWYwNzE3ZGQzMjE0YWFiMTFiZTc5OTc4ZWViNjE3ZWY1OTNhZWViY2UzZTcwMDUyNWMwIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 19:19:56 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001aa728b-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn39.sf2p.intern.weebly.net
X-Revision: a39cdda500970c491f87798f46893a9fb788971c
X-Request-ID: a2c02f016d69f0c2c56090115abb43f8
att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.39200 OK 79 B URL HTTP/1.1 att-103619.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert openphish AT&T Inc.
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: att-103619.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ==
Content-Length: 77
Origin: https://att-103619.square.site
Connection: keep-alive
Referer: https://att-103619.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IktJOFlWajd3OWR2NTdTM3QrVDMwVFE9PSIsInZhbHVlIjoiUGlYRDdZRVU3SWd1cjB5Y0F4cnFnTUZtellWekxZTUcwRWNvVVwvS2ZyZ2RjMnErWEM1VE1kZjRPTFVmbXNDbko2bGQzNVwvQVNUTlVDT1lnWDhHM2c2dVg3Z2poaVVMXC82WE5tTUtjRktGRHlYaTZKdVIxWVdqVGd2UlwvUUVWRXFzIiwibWFjIjoiMjA2NzliMDZiODZmOWIyMjQxODRiOTUwM2M3MjBiNWQwMWRiN2VlZmQ4Yjk3Mzc4NjJiMTM2YWU3ZGQ1ZDU3MSJ9; XSRF-TOKEN=eyJpdiI6Ik1BVXFQWUFTcExYM1NzNVlmTWY1enc9PSIsInZhbHVlIjoiVUUxSERIbUU0N29hZnhYeExBY05tWmJOWDdYb3NKMVNwbEJxdHpVNGloNTh3ZUdaOE9jaTEyc0NGUU50TG9ORVwvakp4Z25GN3hlT2dpc0l6Mk1mU0F0OTE5Z1dvdlwvWXZDRHVDaTVpWDFKSlRUTm9xaVgxcElmSVJkbGlLTW0yaSIsIm1hYyI6IjVmZDIwZGY2ZTI1ZGMyMjMzNjBmYWQ4MmM1NjRiNmZlMDA5OTVjMGQ2MzkwOGYwNzU0NTA2OGFiMzNkMGI1ZmUifQ%3D%3D; PublishedSiteSession=eyJpdiI6IjltWXBiaTV1MlpmZEVUc01oSUZGSUE9PSIsInZhbHVlIjoiV1Y5eDJMUkhpcThpVVBnXC9yWFpkTDdFUHBrcFhsRVZJXC80RU0xR1dLbGVlWjBrQmo2aVNxb2hZaVk2RllTSEN6dlBDcHRKSEpXNTF4T3B4MTg4eG42XC9DUXVydWZNME12aThQVmNKVjFzUDl6VTdqSUZNcnZyc1dTNjVuY2NpR3oiLCJtYWMiOiJiYjU1NDkyMzY0MWUyMmIwZmMzZTczYTAwYzkwODg5MzJmMjk2MzgzZTljYjNmNTQ5MTRkNDUwMjM3OTdjYWI5In0%3D; _snow_ses.eab8=*; _snow_id.eab8=13616b17-92de-44b7-966f-aae859e132c9.1671564001.1.1671564003.1671564001.568841f8-9c32-4b68-86b5-bba72fcf9874; _dd_s=rum=1&id=d809f915-5b42-45b7-8c93-508cf448175d&created=1671564001393&expire=1671564901393; websitespring-xsrf=eyJpdiI6IlhwSWk3bkhrUGRuRkpZVXNWSlJcL0p3PT0iLCJ2YWx1ZSI6IkpmNXJOZnNka3o1VURGVkx5azFYa3lJbGNEN2tUWEFOZEFRMGxtOEdzTERCNVdFYk5HQW1iTnZsTmhIQnpHdVRvSFBhYURkdFlrbFI0TGJ3enRHNkJNaktDZUV2WWJHMzQ2S2czZFZcLzhuNExqYVwvMnBzdjVjTFBpcyt4Zmd3SmMiLCJtYWMiOiI4MmQ3Njk2Zjc2MGU4OWYwNzE3ZGQzMjE0YWFiMTFiZTc5OTc4ZWViNjE3ZWY1OTNhZWViY2UzZTcwMDUyNWMwIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 19:19:56 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu96.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
Content-Type: application/json