r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7914
Expires: Mon, 28 Nov 2022 19:04:06 GMT
Date: Mon, 28 Nov 2022 16:52:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3390
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:52:12 GMT
Last-Modified: Mon, 28 Nov 2022 15:55:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 16:17:48 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2064
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10114
Expires: Mon, 28 Nov 2022 19:40:46 GMT
Date: Mon, 28 Nov 2022 16:52:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: w+93YNLgddg1s/nzIXjr64d6jJQc95JgxOMzBfkYtp/R2VxGMWYzLHje9KSfbDv6MiWT3JqDzKU=
x-amz-request-id: HSAR3Y9KCYXK8G2Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 16:42:08 GMT
age: 604
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 16:52:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash e6ab66388a89251f30b095988a6ff20f
e2a2d6ad7da3dec0f09d009a0a84f855aa15892f
6b6ec03e0ee29280cd0ee564ed30403a1152352ccc4314bb0689aa59be40d8d5
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "6B6EC03E0EE29280CD0EE564ED30403A1152352CCC4314BB0689AA59BE40D8D5"
Last-Modified: Mon, 28 Nov 2022 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3127
Expires: Mon, 28 Nov 2022 17:44:19 GMT
Date: Mon, 28 Nov 2022 16:52:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 16:08:55 GMT
cache-control: public,max-age=3600
age: 2597
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 420
Cache-Control: max-age=145302
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:52:13 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:13:55 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.125.72101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.125.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pASRsguCLoJ0Ah7SUUWDYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wAEMAtGZwXN1CBe4ViF/QkSA6Ys=
currently-merge.square.site/
199.34.228.40200 OK 9.8 kB URL HTTP/1.1 currently-merge.square.site/
IP 199.34.228.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24702)
Hash fc612a0c3ec9a808759612f0cfccd7b5
0609bd5baa3e526b1ece2f0884bda3c3ab207f88
17a2db64da4569d303d56b277aac8527ea7ccb9946c4643fef7cde1b4f0ef757
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET / HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 28 Nov 2022 16:52:13 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; expires=Mon, 12-Dec-2022 16:52:13 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; expires=Mon, 12-Dec-2022 16:52:13 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; expires=Mon, 12-Dec-2022 16:52:13 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu128.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 9ed7abe6a4e2755a0f21e224c6dc4fef
Content-Encoding: gzip
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 18:03:15 GMT
etag: "637e6063-124fe"
expires: Thu, 08 Dec 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
age: 375212
x-served-by: cache-sjc10061-SJC, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 4087
x-timer: S1669654334.813105,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.1212ec71ad4b7ff5f443.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64930), with no line terminators
Hash 95f18bd4635781a99daed1dd3de8adc1
ac08c18cc726deed47eb6b8f68ec3b5239a2fd91
ef25fa02ff6fba3fa3c90616e1ddbea7d9695867b40a81889074051552b7fff5
GET /app/website/css/site.1212ec71ad4b7ff5f443.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:23:11 GMT
x-rgw-object-type: Normal
etag: W/"c22f38a806467cd0cdff32ec647019f0"
x-amz-request-id: tx00000000000002d07c203-00636c1aa2-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 64414abb58e4acfdd0b6e55daa9d9489195edb4b
x-request-id: 463ecf92fd5e50a7617749451e59789e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 1188491
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669654334.816690,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23817
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash d4a7cac8be5683713ff6e8d0784011f2
e2a97aa958426f4a35d0428ba833ced0c6cc6042
286ee096d03d0f9e94833359780ff046c322ba1ea9be4a432a1ae6a89970ecb5
GET /app/checkout/assets/checkout/css/wcko.577957259b9178e25575.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Wed, 09 Nov 2022 21:41:51 GMT
x-rgw-object-type: Normal
etag: W/"2a31fcbf4eb69762b720ec1ef08544e0"
x-amz-request-id: tx00000000000002d0bf7b3-00636c1f88-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 1623949
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669654334.816796,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22873
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.a24540d9f69dfebc1c6b.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.a24540d9f69dfebc1c6b.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50950)
Hash d7aa02a8cc0582f3062bed63eba8f842
f8722ff0f0f2325f866fd9ab7f5fd9e89d0dba9a
2b1ca59fc9c7f2a934d3208d4e79ec23b1cf2585a4545ea5ef3fd4756ab81211
GET /app/website/js/runtime.a24540d9f69dfebc1c6b.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Nov 2022 15:56:25 GMT
x-rgw-object-type: Normal
etag: W/"6f7230023a22735694db2db08b2ea0d2"
x-amz-request-id: tx00000000000003c16b91c-006384da98-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.a24540d9f69dfebc1c6b.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 8b6d9d887a47f8cceadf99cb849a3347de2cf18d
x-request-id: f7d535aabb3c79f3b9fe1574604f184a
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 3198
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669654334.822105,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24919
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
151.101.85.46200 OK 72 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.9bc3531c7b14b533b653.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (27432)
Hash f4b29141d74cfc31ae87b2379bf827c6
d3cecf2609cbc423e0a59e9cad96c96595fc550c
77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 2211204
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669654334.826573,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.6d50ad64662dbbeedf3c.js
151.101.85.46200 OK 152 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.6d50ad64662dbbeedf3c.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (151481 bytes)
Hash b2e41a04ed8c31f931573b77f15479cd
7deaec1bc01c8ca735e6f5f5518d53aab0e420a9
6714ba4d36f548cd0ade52c09be79c7945ce26f49f8e66b9ea52f76223384436
GET /app/website/js/languages/en.6d50ad64662dbbeedf3c.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Nov 2022 15:56:25 GMT
x-rgw-object-type: Normal
etag: W/"7672a647b0c98f23d0ba58c7600d6fa2"
x-amz-request-id: tx00000000000003b4e9606-006384da8f-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.6d50ad64662dbbeedf3c.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
x-request-id: bdcc8bb276f18927feab6443166c0db1
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 3198
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669654334.827805,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151481
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 1179073
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669654334.867062,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.897486cdc239799ff395.js
151.101.85.46200 OK 624 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/site.897486cdc239799ff395.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50429)
Size 624 kB (623735 bytes)
Hash 79514ffd4f10ce16100000bdc584b5e1
3e918634b49c39a2beea49bbe59188f4755ed5c8
66b6117652be6f63e188f08c6e4f87250d9c859693b977b25e40436ea704c3b1
GET /app/website/js/site.897486cdc239799ff395.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Nov 2022 15:56:25 GMT
x-rgw-object-type: Normal
etag: W/"d1a6a4a96c473b73b551259fcbe24f59"
x-amz-request-id: tx00000000000003b4e94b7-006384da8d-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.897486cdc239799ff395.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
x-request-id: 4edcafde6801b91c6fb0bf16c16c6cd0
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Mon, 28 Nov 2022 16:52:13 GMT
via: 1.1 varnish
age: 3198
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669654334.829094,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 623735
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash 190f8181cfc8dcc1df695134165b66b4
1583541993130f97ec75d82bbd1ffcdd7a3afe1f
b37394886eb6e32269bad101d7b2ab16cc8f8a9af8398fcf02294d009a1554db
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:52:13 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F9B0BA749866C420FFB098B7C75EF13B35C6CB49"
Expires: Tue, 29 Nov 2022 04:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 839
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77149ce2ebbcb4e8-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 43f411ea449c964cff67f17987f882b4
5eb4efaf34efc9b68f4ae4ebc8f51d9073f944cf
f0bda1b41e9f570bacdd6a9e7aa4dabe70f7a62697fe3469bb9958a84ec71571
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93262
Date: Mon, 28 Nov 2022 16:52:14 GMT
Etag: "6383a1a3-1d7"
Expires: Tue, 29 Nov 2022 18:46:36 GMT
Last-Modified: Sun, 27 Nov 2022 17:42:59 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N4JPlauG2tEByIHw-dRLdrL5o25IBdlSSqZb2qPJIT1f_3KXh96GdQ==
Age: 3817
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 43f411ea449c964cff67f17987f882b4
5eb4efaf34efc9b68f4ae4ebc8f51d9073f944cf
f0bda1b41e9f570bacdd6a9e7aa4dabe70f7a62697fe3469bb9958a84ec71571
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92277
Date: Mon, 28 Nov 2022 16:52:14 GMT
Etag: "6383a1a3-1d7"
Expires: Tue, 29 Nov 2022 18:30:11 GMT
Last-Modified: Sun, 27 Nov 2022 17:42:59 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: J03nLkVZ8FrLj_OnLS46vHQnxtPo2IRgKYchjRWe-biM0Pv1g3879A==
Age: 2832
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://currently-merge.square.site/
Origin: https://currently-merge.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:52:14 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://currently-merge.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1946
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:52:14 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=56fd0712-c28f-48aa-9c10-e2fb0614c53c; Expires=Tue, 28 Nov 2023 16:52:14 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://currently-merge.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Mon, 28 Nov 2022 18:33:22 GMT
Date: Mon, 28 Nov 2022 16:52:14 GMT
Connection: keep-alive
currently-merge.square.site/static/icons/payment-methods/applepay.svg
199.34.228.40200 OK 3.0 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/applepay.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2381)
Hash c9f0fd2c3c94b10595455b840e220672
7734e007c6a4dd650d38be5b29c7335cf9cbfb97
a1aedf64c61a6c121aa0e78164ad0d32f1ebbfd949197c88c7f48462bcbed3ab
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/applepay.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:14 GMT
Content-Type: image/svg+xml
Content-Length: 2986
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "c9f0fd2c3c94b10595455b840e220672"
x-amz-request-id: tx000000000000001ac6b03-00628473fa-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu128.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 13c11dcfee247fe1204847d00a581535
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Mon, 28 Nov 2022 18:33:22 GMT
Date: Mon, 28 Nov 2022 16:52:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Mon, 28 Nov 2022 18:33:22 GMT
Date: Mon, 28 Nov 2022 16:52:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Mon, 28 Nov 2022 18:33:22 GMT
Date: Mon, 28 Nov 2022 16:52:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Mon, 28 Nov 2022 18:33:22 GMT
Date: Mon, 28 Nov 2022 16:52:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 68431
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 31235
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 67858
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a6e5f60b87d3879606a6707feb37a73
373c96c2e0006d70954d4b4ebd850f62f558e92c
1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:59:09 GMT
age: 17585
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZJu4cMNnQTavxqB1MnRFluzfZC59BcUnIHgXh9h6LJWYgsFL83rHoQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 16:15:25 GMT
age: 2209
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 67848
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://currently-merge.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://currently-merge.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:14 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://currently-merge.square.site
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
currently-merge.square.site/static/icons/payment-methods/googlepay.svg
199.34.228.40200 OK 3.1 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/googlepay.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1581)
Hash 2e6b26f9d61dd22468981356313ca58c
df83a373e46337f409c59947b4ae5f9abe1d896a
85d63842ff30824d4324316344c9eea12995869cc3f5f353fbfa2c3008980222
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/googlepay.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:14 GMT
Content-Type: image/svg+xml
Content-Length: 3115
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2e6b26f9d61dd22468981356313ca58c"
x-amz-request-id: tx000000000000001a8879f-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu128.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 959762c841642456c402edd67461f845
currently-merge.square.site/static/icons/payment-methods/americanexpress.svg
199.34.228.40200 OK 1.2 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/americanexpress.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (955)
Hash 2d510915ad1e47e7f6fa0a9ca6dfe7d2
a94981dcae88d70869bce16df350fbc0fbc0c138
52c75baa1c05af510c5017a200f40094bba37a6ccbb2fe5ce2542f331b812204
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/americanexpress.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2d510915ad1e47e7f6fa0a9ca6dfe7d2"
x-amz-request-id: tx000000000000001aa71ba-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu128.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 994da2f072eb72365a9ace9e4708d9be
currently-merge.square.site/static/icons/payment-methods/visa.svg
199.34.228.40200 OK 2.2 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/visa.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1610)
Hash 98e2d557ac9311fbf6c47dcb9cb2c730
e58712545669ba118a42f2e47fcaaabd095cdc6c
0647e086fe11b0748687b68e25c9d2830b8fa08c4397c6c7c6e327d5e8e6c43d
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/visa.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 2247
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 21:25:04 GMT
x-rgw-object-type: Normal
ETag: "98e2d557ac9311fbf6c47dcb9cb2c730"
x-amz-request-id: tx0000000000000345db325-00631274b0-bfe36ba-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu73.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 97589d84d180076b92f75b931e07a39f
currently-merge.square.site/static/icons/payment-methods/discover.svg
199.34.228.40200 OK 3.1 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/discover.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2151)
Hash 9e274d45e1f0b4185bb742d876cee3f5
67405429005f54a1cfb1a27e27491d89814f9ede
a9e66fbb3fb33098304147be606afc2b8e8c8f745db8a83bb6b2d7a0a9a42abc
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/discover.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 3087
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "9e274d45e1f0b4185bb742d876cee3f5"
x-amz-request-id: tx000000000000001aa7132-00628473f9-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu128.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: de5561c2e0de96dfb21b95d70e73dbad
currently-merge.square.site/static/icons/payment-methods/mastercard.svg
199.34.228.40200 OK 1.7 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/mastercard.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (424)
Hash 1448577966d9c16095880130e876db7a
ecfaef0be795af04cab2f95d7457721a35cf1742
0b6808d0e93f753a1036f42b52c1a2616662d1503f8d07234a98ee54d7a3dd1e
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/mastercard.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 1657
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "1448577966d9c16095880130e876db7a"
x-amz-request-id: tx000000000000001af98c5-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu153.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: f2b2cda13947e2d2e8696b715833554d
currently-merge.square.site/app/website/cms/api/v1/users/143979279/customers/coordinates
199.34.228.40200 OK 70 B URL HTTP/1.1 currently-merge.square.site/app/website/cms/api/v1/users/143979279/customers/coordinates
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /app/website/cms/api/v1/users/143979279/customers/coordinates HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0=
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 28 Nov 2022 16:52:15 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D; expires=Mon, 12-Dec-2022 16:52:15 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; expires=Mon, 12-Dec-2022 16:52:15 GMT; Max-Age=1209600; path=/
X-Host: blu67.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 392587c9068dc90b7aa72b99a7300127
Content-Encoding: gzip
currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.40200 OK 201 B URL HTTP/1.1 currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0=
Content-Length: 83
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:52:15 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu101.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.40200 OK 893 B URL HTTP/1.1 currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with very long lines (893), with no line terminators
Hash 1737d6a3bf6e158107dc575504adf0e1
a3d8be2c39998668263b941fb1113b54fd789cb6
a96d8330834e7d6cb260fbdd5b9e3b346e7c65b2474723cf573a22ae795a60e2
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0=
Content-Length: 78
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:52:15 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu124.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 893
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
currently-merge.square.site/static/icons/payment-methods/cashapp.svg
199.34.228.40200 OK 1.4 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/cashapp.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash 4d9798d0983422b1931dbfb934e04144
b70cb2e3822c77177ba56a351e309d5394263105
880d2b790069e44a5ac9b19ea84372fb6289a1cddae239a7aea7d948fd9faa3a
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/cashapp.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 1394
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "4d9798d0983422b1931dbfb934e04144"
x-amz-request-id: tx00000000000000db9882a-00629614f5-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu128.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: e3cfaa77506160ebf1394c63f7dd5b8e
currently-merge.square.site/static/icons/payment-methods/afterpay.svg
199.34.228.40200 OK 2.1 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/afterpay.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (665)
Hash 260a26946c3308e835f83022e177e1aa
3ef5afcc903a2375bc686511214c5e9e535b2342
cb0d2b4c057e2dd0c0be626a3fc89c2fbfe23a8de627f2031d1c44de406ffc35
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/afterpay.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 2148
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "260a26946c3308e835f83022e177e1aa"
x-amz-request-id: tx000000000000001ae6769-00628473fd-b9fbc63-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu153.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 6dbc23ebc213221539a39ed918393ca7
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df141b2870b815741dc933e28ccde012
c0be7764317f559566e95a3b4a98ca996d6605dd
791127d762d37f19c377b3f4e645e947a8127238752001af43b44f9743d89fdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2150
Cache-Control: max-age=141611
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 16:52:15 GMT
Etag: "63846504-1d7"
Expires: Wed, 30 Nov 2022 08:12:26 GMT
Last-Modified: Mon, 28 Nov 2022 07:36:36 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
currently-merge.square.site/static/icons/payment-methods/jcb.svg
199.34.228.40200 OK 3.9 kB URL HTTP/1.1 currently-merge.square.site/static/icons/payment-methods/jcb.svg
IP 199.34.228.40:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1131)
Hash 32a219b916e0f1667aa650f7f8536a7b
a464d7ae31f4996c69c95a11fb791b01e55ceba8
4e8f269a2bf9b6d132634125bfe865e6342103f4cbd7953951d16c3442a24216
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /static/icons/payment-methods/jcb.svg HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IktHU0lJWElQZ0l0MDdHQVRzWTFoaXc9PSIsInZhbHVlIjoiVTlhQWFDRWJxcUx6RTlvRldQbWZoeTZya2xPanRWZXo3U1VyUHdwK3U3T1Y0SHM3MTRFOGdOemlzWnhidzQycDZYbUpnZUZ5bkNLXC9pTTl4WmZMMjY0RHRGRGRPVGhOZDlJUTA2VTVcL3JkWTh5R3l5NEhiMEZkbjBxM0pcL2xWT2MiLCJtYWMiOiIwOWI5NmE2MzUwOTc1NGM0YzU3MGJlNzQxMDdhZTg2ZDMzZmEyYWYwZTIxMDU0YzFlOGM5NzI2NDcwZTdlOGExIn0%3D; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/svg+xml
Content-Length: 3876
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "32a219b916e0f1667aa650f7f8536a7b"
x-amz-request-id: tx000000000000001af9a36-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu73.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: b293c9b1359ee33c2f038c64ac2bc71f
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=67577ec8-050a-46e2-a421-9ef518bcbe93&batch_time=1669654334774
3.233.159.138202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=67577ec8-050a-46e2-a421-9ef518bcbe93&batch_time=1669654334774
IP 3.233.159.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bdfbed137d618ac944dbc34e1c269edd
9ce47595ce1d9f627dd651b4648675b26cbd376f
898e69da4ca8fcecdbf24e9bc9ccafb9b77585c61dadb266d273a367a3a95fc9
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=67577ec8-050a-46e2-a421-9ef518bcbe93&batch_time=1669654334774 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15580
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Mon, 28 Nov 2022 16:52:15 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2386
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: sp=56fd0712-c28f-48aa-9c10-e2fb0614c53c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:52:15 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=56fd0712-c28f-48aa-9c10-e2fb0614c53c; Expires=Tue, 28 Nov 2023 16:52:15 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://currently-merge.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
currently-merge.square.site/uploads/b/ec50be80-6cb6-11ed-84fe-f580f310dd97/icon_180x180_ios.png?width=180
199.34.228.40200 OK 1.8 kB URL HTTP/1.1 currently-merge.square.site/uploads/b/ec50be80-6cb6-11ed-84fe-f580f310dd97/icon_180x180_ios.png?width=180
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 451489e7e152479163606a4854a43742
c053ef8e02678d53b8309c0e5d0827e2a99af5f7
b3a780c45be29c8c1859bccef034ad4ca43cab2c10cde3abf42cca3cb7947cae
GET /uploads/b/ec50be80-6cb6-11ed-84fe-f580f310dd97/icon_180x180_ios.png?width=180 HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/webp
Content-Length: 1798
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "4N/jXWwoMCL2JocQCyA9CT+f+TGBzPHMPQld69XHD+U"
Fastly-Io-Info: ifsz=2862 idim=180x180 ifmt=png ofsz=1798 odim=180x180 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=2289 cr=1.59
X-Amz-Request-Id: tx00000000000003b59fa77-006384e73f-c67eadd-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zb8b5
X-Storage-Object: b8b5e3338a03f33a78e5906cf6090119321833f8e4f0dcad7098c5179b1622d1
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10034-SJC, cache-pao17435-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1669654336.901872,VS0,VE87
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn79.sf2p.intern.weebly.net
currently-merge.square.site/square.ico
199.34.228.40200 OK 6.5 kB URL HTTP/1.1 currently-merge.square.site/square.ico
IP 199.34.228.40:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /square.ico HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654333.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:15 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001a88764-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu73.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 8381d2f500a090947ca4b7a6714a2a91
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
34.214.185.169200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 34.214.185.169:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1845
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: sp=56fd0712-c28f-48aa-9c10-e2fb0614c53c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 16:52:16 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=56fd0712-c28f-48aa-9c10-e2fb0614c53c; Expires=Tue, 28 Nov 2023 16:52:16 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://currently-merge.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bd6639ef-b8dc-4f9c-a890-cbc6f68c0f4f&batch_time=1669654335583
3.233.159.138202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bd6639ef-b8dc-4f9c-a890-cbc6f68c0f4f&batch_time=1669654335583
IP 3.233.159.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d8caf2207bffeceb5b071b5e440e84f6
8b6cff90755c48e18e83803eaa57077c05d17189
b787b607e121507a3a1f491fc47d4aa200375c952436edbe42d87e29bde81575
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=bd6639ef-b8dc-4f9c-a890-cbc6f68c0f4f&batch_time=1669654335583 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16187
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Mon, 28 Nov 2022 16:52:16 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.40200 OK 182 B URL HTTP/1.1 currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9
Content-Length: 89
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654335.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:52:16 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu82.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.40200 OK 79 B URL HTTP/1.1 currently-merge.square.site/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9
Content-Length: 77
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654335.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 16:52:16 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn150.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
currently-merge.square.site/uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/Currently_w%20teal%20comma_1669376924.png?width=400
199.34.228.40200 OK 18 kB URL HTTP/1.1 currently-merge.square.site/uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/Currently_w%20teal%20comma_1669376924.png?width=400
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1efdc90df27204c905edd87c89f8fc32
dc8cfb4f3a4dd3f58643bc8474facdf7e8ed6ca5
930fa7c8d87176427ad86b3e7946d099e5dad9f785e1afa648e42208b0543660
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/Currently_w%20teal%20comma_1669376924.png?width=400 HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654335.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:16 GMT
Content-Type: image/webp
Content-Length: 17764
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "5KI7yiqu51qTfGkJcj3M7JSQkRY1HR6Y9wQmogC/dy0"
Fastly-Io-Info: ifsz=343964 idim=5631x1118 ifmt=png ofsz=17764 odim=400x79 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=89443 cr=19.36
X-Amz-Request-Id: tx00000000000003c452b3c-0063849cfa-c695612-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z9669
X-Storage-Object: 96691d6db5728ff8b2b4e5be74017858a019ee39b421c9dc8135d614c2e62a5d
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 3471
X-Served-By: cache-sjc10080-SJC, cache-pao17434-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669654336.462575,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn14.sf2p.intern.weebly.net
rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=5085980d-0e8b-485e-8452-4b142e10c20e&batch_time=1669654336109
3.233.159.138202 Accepted 53 B URL HTTP/2 rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=5085980d-0e8b-485e-8452-4b142e10c20e&batch_time=1669654336109
IP 3.233.159.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f92252a4e16b9a46ab5e4fdb101e0dfe
f9e4af20401c40ed0871da8496045bb130bfba21
a3698387c717330efb549daaf0a747c8dd7bc54796e4a90c573b373fcf611d51
POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-aba6918&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=5085980d-0e8b-485e-8452-4b142e10c20e&batch_time=1669654336109 HTTP/1.1
Host: rum.browser-intake-datadoghq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15958
Origin: https://currently-merge.square.site
Connection: keep-alive
Referer: https://currently-merge.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Mon, 28 Nov 2022 16:52:16 GMT
content-type: application/json
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2
currently-merge.square.site/uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/2022-11-25_18-06-21_1669378660.png?width=1600&height=430&fit=cover&dpr=1
199.34.228.40200 OK 268 kB URL HTTP/1.1 currently-merge.square.site/uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/2022-11-25_18-06-21_1669378660.png?width=1600&height=430&fit=cover&dpr=1
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 268 kB (267938 bytes)
Hash f4b2f992244046134db73afdc1c1352c
80b5bc041bdbd15fbadcd5b7b47307226854f2be
6126ea74af00645418d53438d070589bbe6ca757f951279842132fc56c9aa512
GET /uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/2022-11-25_18-06-21_1669378660.png?width=1600&height=430&fit=cover&dpr=1 HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654335.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:16 GMT
Content-Type: image/webp
Content-Length: 267938
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "yaJqFXBR6cwapKHSugnF9I68WBiXD0wMOIt8U3i9k+8"
Fastly-Io-Info: ifsz=450794 idim=822x414 ifmt=png ofsz=267938 odim=822x414 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=253693 cr=1.68
X-Amz-Request-Id: tx00000000000003901eb1c-0063810fe9-c6aed46-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zbeb1
X-Storage-Object: beb134b0c3110915f5a954580499a6285009bedf4a2b5aacc273ba32bfc2e843
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 3472
X-Served-By: cache-sjc10030-SJC, cache-pao17450-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669654337.661165,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu47.sf2p.intern.weebly.net
currently-merge.square.site/uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/2022-11-25_18-11-19_1669378956.png?width=1600&height=430&fit=cover&dpr=1
199.34.228.40200 OK 267 kB URL HTTP/1.1 currently-merge.square.site/uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/2022-11-25_18-11-19_1669378956.png?width=1600&height=430&fit=cover&dpr=1
IP 199.34.228.40:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 267 kB (267310 bytes)
Hash ec966f8d0d93e85784a957f41d97a7d1
8724dd70de64c8e87a9dd65647848602cd1b2e5a
9fd64edd8a2df16b978f8a6ac749153cc8ac251d13d074e86aa6c1bd26a3b5d2
GET /uploads/b/6ce16b7bfbe85c22f5e61c998c901b8cc06f38a4e5098a5b8409f196f8ff2b4c/2022-11-25_18-11-19_1669378956.png?width=1600&height=430&fit=cover&dpr=1 HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.editmysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654335.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:16 GMT
Content-Type: image/webp
Content-Length: 267310
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "+9Lg+ipkSzlIvppVKo3KrLy6H3EoPG6IJGrbjbywUxo"
Fastly-Io-Info: ifsz=473949 idim=813x384 ifmt=png ofsz=267310 odim=813x384 ofmt=webp
Fastly-Stats: io=1
Fastly-Transform-Stats: tus=228453 cr=1.77
X-Amz-Request-Id: tx00000000000003a9ce372-00638233ce-c669cc6-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z407d
X-Storage-Object: 407dbd36cd6be2ce26451f4221cf120f3aad341e18ecdc390b5ef3f7169e233b
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 3473
X-Served-By: cache-sjc10050-SJC, cache-pao17420-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669654337.540095,VS0,VE3
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn14.sf2p.intern.weebly.net
currently-merge.square.site/app/website/square.ico
199.34.228.40200 OK 6.5 kB URL HTTP/1.1 currently-merge.square.site/app/website/square.ico
IP 199.34.228.40:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d810985ef4dc1c0bd5811e36d13c8ca3
2b45bb77c68c937af6a2d9854dc82301526473aa
770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6
Analyzer Verdict Alert openphish AT&T Inc.
fortinet Phishing
GET /app/website/square.ico HTTP/1.1
Host: currently-merge.square.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://currently-merge.square.site/
Cookie: publishedsite-xsrf=eyJpdiI6InJ3MzcweTN1TFdjZVNhNFhtbTRwc0E9PSIsInZhbHVlIjoiRGJxTGM4Y0REaUpiY2NiR2FhVmkwbDNadTRZWGhieVZuUU9ub1FcLzJNSFhmTTNjWk43elRYNGNsSHM1VGhjV1wvcUVUQkVreFFWSHdyQWViREhYc0ErZkI0T25Nc0xjeG94NE5SdW1KUWxXNXFcL1FnMHNweThQblBwUUpaUUo1XC9YIiwibWFjIjoiZDkxMDEyNWQ5NmI3YmYwZTIwZTlkN2MyNjljNDM2OTMyMWMzODFjNDIxODkyZGM0Yzg0ZTBjZDdhMmIwYmNlOSJ9; XSRF-TOKEN=eyJpdiI6IlVrakx3S2orVFlaZUdWd1o5RHpvZHc9PSIsInZhbHVlIjoiRjhVc2VWQ2pqSmRDN2ZQNDZNT0pMbGp6NlBoSVhpaDBzaDJRTnVZT0VzSFlzV0N6MnZ1M3U3VTF4Q2liamczTGFCOFl6cnRQdlJ3RHJDTm05a1JPK3c2SkdmR2QwMXZBT3lBMDhkWEhJUkdYUVVzeGJlWVBRXC9jNEpNK05SQmt5IiwibWFjIjoiYjkzMjY5NzQ2NzkwZTJjOTg0ZDYwYWU4NDhlYmRjYzJjYjhjZDI4NDgyNWIxZWE4ZTI0MjM3NTRjNTAxYmQ0MSJ9; PublishedSiteSession=eyJpdiI6IjhzRlRTNDk1QWdaYkk1cjJpdDVwZ1E9PSIsInZhbHVlIjoiVlk4cFZUTE9Sa05IXC96U1VEMWs5ZUhjVlhhM0xoUkRRME5PN21qZjZcL3B3TUhUVmVGUVFZQ3FPOWxaQjM0WG5CNWZOQ2NGUGZyR3g2bWFDU2JpMHQwVndcLzVveXRSa3BiYVV4XC9oXC9ZdEVkcXBQNXZOdHc4VURQajJ6ZVBrUzNRYSIsIm1hYyI6IjQwYzUxMDQ3MGJiMjcwNGExMjFhMzljZDFmYzE2MjliNTdhNzMyZGIzNzZmMDVmMGFiODU3Yjc5ZDBlNjdjYjMifQ%3D%3D; _snow_ses.df7f=*; _snow_id.df7f=8f793126-1c6a-4a15-a3d3-54e0afc0d4ac.1669654333.1.1669654335.1669654333.9bdcd527-94ca-476c-8662-6802390e0274; _dd_s=rum=1&id=653d5b7b-b305-4d55-a135-8799995667e6&created=1669654333827&expire=1669655233827; websitespring-xsrf=eyJpdiI6IkFidGRKTFN6cDFycU52RW5aUmNpS0E9PSIsInZhbHVlIjoibVl4N1pMVTV1dzBQaEo0cWRcL2JDN1h4WTBkbHZUMzZOQndNU0lYOFhXcHRCZ0dpT09JeU1YeExQWTRhK1l4YTdlcVdVSUNUdG85M2xzdkJcL081NHZUb09uQ0Vkdkd1QThxeTFqcVkzM1o3ZVBxb21mSWg2SUpWdHJVRHVhbTYzbCIsIm1hYyI6ImFlOTYxYzhhNjMxZDAwZTQ4YWY0MTcwYjI5NWRjMmY4N2U2YzE4OWFkNzU4ZjY3NmRjZmY4ZTc0NGFjNGVhNzQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:17 GMT
Content-Type: image/x-icon
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001a88764-00628473fc-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn72.sf2p.intern.weebly.net
X-Revision: aba69181966a1a9229b2f5527bc29ef4864d9bed
X-Request-ID: 68b05ff2366f193aeb0539c3b39fb97d
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:20:34 GMT
age: 66707
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
7uslfuwg63.gocdnani.com/user1342/6a728abcd359372d93a74380610b3a96/EP.1.v0.720p.mp4?token=SRavECmJY2KqLSa_7x-t2w&expires=1669663840&id=176179
94.130.141.85200 OK 0 B URL HTTP/1.1 7uslfuwg63.gocdnani.com/user1342/6a728abcd359372d93a74380610b3a96/EP.1.v0.720p.mp4?token=SRavECmJY2KqLSa_7x-t2w&expires=1669663840&id=176179
IP 94.130.141.85:0
ASN #24940 Hetzner Online GmbH
GET /user1342/6a728abcd359372d93a74380610b3a96/EP.1.v0.720p.mp4?token=SRavECmJY2KqLSa_7x-t2w&expires=1669663840&id=176179 HTTP/1.1
Host: 7uslfuwg63.gocdnani.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 16:52:13 GMT
Content-Type: video/mp4
Content-Length: 108905847
Last-Modified: Sun, 12 Dec 2021 15:08:59 GMT
Connection: keep-alive
ETag: "61b6108b-67dc577"
Content-Disposition: attachment; filename=
Accept-Ranges: bytes