Overview

URL: bt-106724.weeblysite.com/
IP: 199.34.228.97 (United States)
ASN: #27647 WEEBLY
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-01 14:06:55 UTC
IDS alerts: 0
Blocklist alert: 16
urlquery alerts: No alerts detected
Tags: None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.weebly.com (1) 21455 2012-05-21 12:40:56 UTC 2022-09-11 16:05:08 UTC 74.115.50.109
r3.o.lencr.org (5) 344 No data No data 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 04:11:13 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
rum.browser-intake-datadoghq.com (2) 11420 No data No data 3.233.155.115
bt-106724.weeblysite.com (8) 0 No data No data 199.34.228.97 Domain (weeblysite.com) ranked at: 133646
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.156.115
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
cdn2.editmysite.com (1) 11564 2012-11-02 14:27:29 UTC 2020-04-29 06:59:26 UTC 151.101.129.46
ec.editmysite.com (4) 12806 2018-09-03 10:26:45 UTC 2020-04-22 02:18:25 UTC 34.214.185.169
sentry.io (1) 2743 2016-08-31 05:38:44 UTC 2022-12-01 05:00:34 UTC 35.188.42.15
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 04:09:38 UTC 34.102.187.140
cdn3.editmysite.com (7) 32188 No data No data 151.101.129.46
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc
2022-12-01 2 bt-106724.weeblysite.com/ BT Group plc

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 bt-106724.weeblysite.com/ Phishing
2022-12-01 2 bt-106724.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::get (...) Phishing
2022-12-01 2 bt-106724.weeblysite.com/app/website/cms/api/v1/users/144042683/customers/c (...) Phishing
2022-12-01 2 bt-106724.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegment (...) Phishing
2022-12-01 2 bt-106724.weeblysite.com/uploads/b/11360a30-7115-11ed-9273-ed60a07bc09a/ico (...) Phishing
2022-12-01 2 bt-106724.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::has (...) Phishing
2022-12-01 2 bt-106724.weeblysite.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::get (...) Phishing
2022-12-01 2 bt-106724.weeblysite.com/uploads/b/c70301eedb2c0a8273d92f032041b1d2d5f658da (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.97
Date UQ / IDS / BL URL IP
2023-02-01 20:53:27 +0000 0 - 0 - 2 att-104915.weeblysite.com/ 199.34.228.97
2023-02-01 14:08:36 +0000 0 - 0 - 15 att-mail-sign-in-104301.weeblysite.com/ 199.34.228.97
2023-02-01 13:30:32 +0000 0 - 0 - 8 att-65431234.weeblysite.com/ 199.34.228.97
2023-02-01 13:00:02 +0000 0 - 0 - 8 attyahoomailgkgkgfrgkg.weeblysite.com/ 199.34.228.97
2023-02-01 11:53:31 +0000 0 - 0 - 3 att-106204.weeblysite.com/ 199.34.228.97


Last 5 reports on ASN: WEEBLY
Date UQ / IDS / BL URL IP
2023-02-02 01:15:55 +0000 0 - 0 - 5 att-101686.square.site/ 199.34.228.39
2023-02-02 00:52:15 +0000 0 - 0 - 20 bt-1008831235.weeblysite.com/ 199.34.228.96
2023-02-01 23:45:33 +0000 0 - 0 - 2 yahoo-105350.weeblysite.com/ 199.34.228.96
2023-02-01 23:39:01 +0000 0 - 0 - 11 microsoftloginme.weebly.com/ 199.34.228.54
2023-02-01 23:29:57 +0000 0 - 0 - 27 yahoo-108250.weeblysite.com/ 199.34.228.96


Last 5 reports on domain: weeblysite.com
Date UQ / IDS / BL URL IP
2023-02-02 00:52:15 +0000 0 - 0 - 20 bt-1008831235.weeblysite.com/ 199.34.228.96
2023-02-01 23:45:33 +0000 0 - 0 - 2 yahoo-105350.weeblysite.com/ 199.34.228.96
2023-02-01 23:29:57 +0000 0 - 0 - 27 yahoo-108250.weeblysite.com/ 199.34.228.96
2023-02-01 22:44:14 +0000 0 - 0 - 2 login-att-990.weeblysite.com/ 199.34.228.96
2023-02-01 20:53:27 +0000 0 - 0 - 2 att-104915.weeblysite.com/ 199.34.228.97


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-19 07:01:44 +0000 0 - 0 - 11 attrtdxtrdtdtrdtr34567wsdfgvh4567sdfgh.square (...) 199.34.228.39
2022-12-18 17:12:05 +0000 0 - 0 - 11 attrtdxtrdtdtrdtr34567wsdfgvh4567sdfgh.square (...) 199.34.228.39
2022-12-18 14:23:41 +0000 0 - 0 - 11 attrtdxtrdtdtrdtr34567wsdfgvh4567sdfgh.square (...) 199.34.228.39
2022-11-15 15:21:49 +0000 0 - 0 - 22 l10ogindmcreejehd60.square.site/ 199.34.228.39
2022-11-10 15:13:41 +0000 0 - 0 - 20 loginadsuscreen38ad60.square.site/ 199.34.228.40

JavaScript

Executed Scripts (33)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (48)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7349
Expires: Thu, 01 Dec 2022 16:09:12 GMT
Date: Thu, 01 Dec 2022 14:06:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17086
Expires: Thu, 01 Dec 2022 18:51:30 GMT
Date: Thu, 01 Dec 2022 14:06:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2690
Cache-Control: max-age=162558
Date: Thu, 01 Dec 2022 14:06:44 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:16:02 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: K4yiIM6IxjTv1S4+OSX7/J8HdTssPPX6Wp5MX2RJQFJn+PxSRj5WlBtqP1BawSlSiEg5tpf18ms=
x-amz-request-id: G53KMX00HNMHGN79
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 13:45:41 GMT
age: 1263
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 13:19:46 GMT
cache-control: public,max-age=3600
age: 2818
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3987
Cache-Control: max-age=141893
Date: Thu, 01 Dec 2022 14:06:44 GMT
Etag: "63882ca6-1d7"
Expires: Sat, 03 Dec 2022 05:31:37 GMT
Last-Modified: Thu, 01 Dec 2022 04:25:10 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 14:06:44 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:08:56 GMT
cache-control: public,max-age=3600
age: 3468
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2686
Cache-Control: max-age=157491
Date: Thu, 01 Dec 2022 14:06:44 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:51:35 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: bt-106724.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         199.34.228.97
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 01 Dec 2022 14:06:44 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; expires=Thu, 15-Dec-2022 14:06:44 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ%3D%3D; expires=Thu, 15-Dec-2022 14:06:44 GMT; Max-Age=1209600; path=/ PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; expires=Thu, 15-Dec-2022 14:06:44 GMT; Max-Age=1209600; path=/; httponly
X-Host: grn136.sf2p.intern.weebly.net
X-Revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
X-Request-ID: e86f1a4dd543daac53359e70ec75a5ae
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18246)
Size:   8533
Md5:    a95313a38de1c43e4192fa8915967782
Sha1:   ce3339e6d82d73a63fb882f5d53f864611b23678
Sha256: a4cadf8ee2e2bf673b312ec406c4d65f61d027d1a6051ac0cd1a0bbac2a49005

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /app/checkout/assets/checkout/css/wcko.e109c60fad1548bf0512.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         151.101.129.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 18:46:00 GMT
x-rgw-object-type: Normal
etag: W/"a01b81c528efe77869fe834f89101c4b"
x-amz-request-id: tx00000000000003d163238-006387a768-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 68957
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1669903605.905025,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Size:   23000
Md5:    3041f445073c4b70b39d57313e42b8ae
Sha1:   d6b9205c7f407c08a3ebafd03ad6ac3e244c62fe
Sha256: dd6007839ebfa91501671af44e481678a1f26daecd85ee44ecfd4f54093f67e3
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 23 Nov 2022 18:03:15 GMT
etag: "637e6063-124fe"
expires: Thu, 08 Dec 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
age: 624483
x-served-by: cache-sjc10061-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 7081
x-timer: S1669903605.911159,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /app/website/css/site.273c42e34939130f9c67.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:48 GMT
x-rgw-object-type: Normal
etag: W/"9d081df7a69ba3304484f0f0d8c91ec2"
x-amz-request-id: tx00000000000003c430e19-0063867c4b-c6aed46-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: 740a7cabb050e44bf81efc63d8fa073e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 145546
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903605.904922,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24060
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64948), with no line terminators
Size:   24060
Md5:    9b86225740c299dd9638c6317ff93246
Sha1:   a1a9564ee389abebe6852a3f70fc34d3452d8be9
Sha256: cf708c6a8e95c77aa3e5c0f7f5383dbd60fd827366365577434b2f64d2eda2ab
                                        
                                            GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 1428344
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903605.906384,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11882), with no line terminators
Size:   4998
Md5:    20a4e66f534b80396d40bbc4291b2172
Sha1:   d7c962996f2715d94483be2bf9b644c7185d7ec7
Sha256: 0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
                                        
                                            GET /app/website/js/runtime.f0a9dbde4c118f994851.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 22:08:09 GMT
x-rgw-object-type: Normal
etag: W/"24b4f4475dd5798f3fba003ac2a80327"
x-amz-request-id: tx00000000000003d0deaf5-006387d52a-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.f0a9dbde4c118f994851.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: 3dae7342c54b5d8ee1fddb18a3e34352
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 57072
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1669903605.908723,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24982
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51152)
Size:   24982
Md5:    60017a3c245cabedfa052a0c75f3c098
Sha1:   c8ce6535b605218f8c4f6554832de957a54f8194
Sha256: e3057d0f7d970e516152ed1186ed7b2d29bb807bc21299454951a78867db5e57
                                        
                                            GET /app/website/js/languages/en.4adbd9207512e3f658f1.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 00:27:54 GMT
x-rgw-object-type: Normal
etag: W/"1ae2d3558226b425a2ceb38130ffb652"
x-amz-request-id: tx00000000000003c87b576-006386a3f1-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.4adbd9207512e3f658f1.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
x-request-id: c2d6aa29110d021398c61b2cab82daf4
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 135308
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903605.909414,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 152604
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   152604
Md5:    77a940d5a120c92d733a896c124f1e79
Sha1:   2557f75f95b299efd572e08de1dcc3e21541791d
Sha256: 5c7d2f62be5d845cce30eca0f91b2e3d6cf217936d0017b484b8cbd5f17a33bc
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fXdeHnpwoOeJn//40eDsfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.149.156.115
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wmoBEi+SJtYX3FRSRfCRvW18Bq0=

                                        
                                            GET /app/website/js/site.e4a639b4e6cbc5fa0b62.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 00:27:54 GMT
x-rgw-object-type: Normal
etag: W/"92b7a95dd1db394fb0cfc49f415aec73"
x-amz-request-id: tx00000000000003c5d74e3-006386a3f6-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.e4a639b4e6cbc5fa0b62.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
x-request-id: 3f7e053b5acbb3a42139528cfbc8a669
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 135308
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903605.912353,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 665920
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50409)
Size:   665920
Md5:    23cd053bc319af19b42bf6fbb2759f3c
Sha1:   2f2cdcdc141a3201c7f692d6ee018832f6f4afbb
Sha256: 929fb0f308a3da317c6eaeab4170386b56cf627ce0946675742cf8e6d898c22f
                                        
                                            GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.129.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:06:44 GMT
via: 1.1 varnish
age: 2460475
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903605.906754,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    806660ae117dd2ec424d4c5805ef143c
Sha1:   5c930f9613a4c014d49739c62be7888a2b7aadba
Sha256: 58ca27c7e7adb098ae5b61225d126678c24db75ec5766a63f5a4cca2f6529795
                                        
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 14:06:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EE978EBA9108D163B111EB7645AA895408E33DDF"
Expires: Fri, 02 Dec 2022 01:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2689
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c629b3ba00af6-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    806660ae117dd2ec424d4c5805ef143c
Sha1:   5c930f9613a4c014d49739c62be7888a2b7aadba
Sha256: 58ca27c7e7adb098ae5b61225d126678c24db75ec5766a63f5a4cca2f6529795
                                        
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99726
Date: Thu, 01 Dec 2022 14:06:45 GMT
Etag: "63879623-1d7"
Expires: Fri, 02 Dec 2022 17:48:51 GMT
Last-Modified: Wed, 30 Nov 2022 17:42:59 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p70yr7w-AqkSa3MXvxP8p4l2glpfuD4SqjEWWIvRQUrt_0vqSEr67Q==
Age: 352

                                        
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100903
Date: Thu, 01 Dec 2022 14:06:45 GMT
Etag: "63879623-1d7"
Expires: Fri, 02 Dec 2022 18:08:28 GMT
Last-Modified: Wed, 30 Nov 2022 17:42:59 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XnzeS3NKikTLQfWjJIxTR5HCqcFllyUCMw3AzZpITFAaV40ypKDoXQ==
Age: 1529

                                        
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bt-106724.weeblysite.com/
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.214.185.169
HTTP/2 200 OK
date: Thu, 01 Dec 2022 14:06:45 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://bt-106724.weeblysite.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2

                                        
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: bt-106724.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ==
Content-Length: 78
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903604.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

199.34.228.97
HTTP/1.1 200 OK
Content-Type: application/json
Date: Thu, 01 Dec 2022 14:06:45 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu135.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 224
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   224
Md5:    13593f6286d97ef957f443963fe931b8
Sha1:   fd8712c00baba802817d2189ca3ad204ca0cdd7a
Sha256: 4e8bba6a89604ac9c26316b3fc9ad4429053bf28e96ea657f198f8255e564f28

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1943
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

34.214.185.169
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
date: Thu, 01 Dec 2022 14:06:45 GMT
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Fri, 01 Dec 2023 14:06:45 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://bt-106724.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bt-106724.weeblysite.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://bt-106724.weeblysite.com
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

35.188.42.15
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Date: Thu, 01 Dec 2022 14:06:45 GMT
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://bt-106724.weeblysite.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
GET /app/website/cms/api/v1/users/144042683/customers/coordinates HTTP/1.1
Host: bt-106724.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ==
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903604.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

199.34.228.97
HTTP/1.1 200 OK
Content-Type: application/json
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 01 Dec 2022 14:06:45 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6ImhMWTV6TE9FXC9CZWlwc1wvSERaanJSUT09IiwidmFsdWUiOiJuWTlcL0pDd1FicUl5MzdBZEllWG85V1Q4WDlraUtBMWFvalAxU3Y3MHE3cm03NCs4elNJRjZtakJUVTU1RkxZXC9lcStNTnRWZ2h0YzJnd0xmcjRTUjRFNThQYlR6bHQ1NEpYSjNaeFRTWU1ZQUhndmZmbzJGbGxuVVprTlV1TmN3IiwibWFjIjoiOTc0YTc5OWI4NWFjNDIzODJhYjA2NmUwNGQ4M2ZkNmNmNDcyYzNjOTI2ZWVhNjg4NzY2MDM1YWI3YzQ4MThhMyJ9; expires=Thu, 15-Dec-2022 14:06:45 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ%3D%3D; expires=Thu, 15-Dec-2022 14:06:45 GMT; Max-Age=1209600; path=/
X-Host: blu152.sf2p.intern.weebly.net
X-Revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
X-Request-ID: 0523b78c13105da0bd26bf426972b033
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   70
Md5:    640255543bd97f97641649a886e80ffe
Sha1:   b5786c46052a4125675cb5209fa6baf279127dd4
Sha256: d6fcbe1ed6458625603c26b4102a02cead79a3472428fee8ca58440f60d85664

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2385
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:46 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2385
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:46 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2385
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:06:46 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 68920
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8740
Md5:    26d6dffbf400da4803a2e76e2a8ef2f8
Sha1:   2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 58756
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12898
Md5:    820cf89fcab8380adff42982c9fb11ed
Sha1:   84241ddddbbfd7de30118307fb1a62800d0a4cb3
Sha256: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 58429
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 75525
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9459
Md5:    e1e6b6ba4f82221b41c3d9129008c76d
Sha1:   2f9532d698b4c28df23e18bbb66399ec776d5b9f
Sha256: 218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 58486
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16038
Md5:    ffd12f9c423ffc627d9e3b3145944fe4
Sha1:   5cf9a7a784952e1bb0cbe499104f1774b1269d08
Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 30090
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: bt-106724.weeblysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ==
Content-Length: 83
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6ImZWV1B2XC90XC9acjQxSE5XY2RONnhqQT09IiwidmFsdWUiOiJaNU9uOHVoaSthSElWRnlRVmdZVGtGNE5jZk5wRCtCUmpSa2UyVnNUelk5XC96WDFpTVZJaEIxd01kXC9PaGNZQVRzUlM4Z09SNkhSMlJxZDlrZnJsaEpxc1NhSzNpczRwN2EwUG9Qdzl4XC9pajE2SEJlOWpWY3RxRHJnOE9XajVBWiIsIm1hYyI6ImJhOTdjYjYxNzY5N2E5NmYxNDg3YTBkZGZhMzc3ZGU5YTU2Njg2ZjAxOTJjYjkwYmZhNmIwYjYwYmVlM2M1ZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903604.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         199.34.228.97
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:06:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu64.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   201
Md5:    bbf985fd86ef8add09a38860a98def2f
Sha1:   2804fa968da1e1b8be4b6f150438e45f4150d3c0
Sha256: 236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /uploads/b/11360a30-7115-11ed-9273-ed60a07bc09a/icon_180x180_ios_MzAxMz.png?width=180 HTTP/1.1 
Host: bt-106724.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903604.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050; websitespring-xsrf=eyJpdiI6ImhMWTV6TE9FXC9CZWlwc1wvSERaanJSUT09IiwidmFsdWUiOiJuWTlcL0pDd1FicUl5MzdBZEllWG85V1Q4WDlraUtBMWFvalAxU3Y3MHE3cm03NCs4elNJRjZtakJUVTU1RkxZXC9lcStNTnRWZ2h0YzJnd0xmcjRTUjRFNThQYlR6bHQ1NEpYSjNaeFRTWU1ZQUhndmZmbzJGbGxuVVprTlV1TmN3IiwibWFjIjoiOTc0YTc5OWI4NWFjNDIzODJhYjA2NmUwNGQ4M2ZkNmNmNDcyYzNjOTI2ZWVhNjg4NzY2MDM1YWI3YzQ4MThhMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         199.34.228.97
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:06:46 GMT
Content-Length: 308
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "7IHuqLqmGdP6axeVZ87Bk3nWIjUXa1b7FQcTcbgemvQ"
Fastly-Io-Info: ifsz=609 idim=180x180 ifmt=png ofsz=308 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000003e6dbf5c-00638874c5-c669cc6-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zaa2c
X-Storage-Object: aa2c00fa71aab20174e24b65c4653377f51879ea68dfdc2f2a953a4ae2a6b8ea
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10044-SJC, cache-pao17466-PAO
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1669903606.371146,VS0,VE24
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn135.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   308
Md5:    8338ee843208da4830b95ac66b9e6990
Sha1:   f480abfd01fdf8222250b557bc13c5c5a063cd27
Sha256: e4c6b2ff7a0897a52539b3bda1250eb5980d06f2dfbaf448465355445730677d

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2383
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.214.185.169
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:06:46 GMT
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Fri, 01 Dec 2023 14:06:46 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://bt-106724.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3403
Cache-Control: max-age=170098
Date: Thu, 01 Dec 2022 14:06:46 GMT
Etag: "63889d1d-1d7"
Expires: Sat, 03 Dec 2022 13:21:44 GMT
Last-Modified: Thu, 01 Dec 2022 12:25:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4613
Cache-Control: max-age=154015
Date: Thu, 01 Dec 2022 14:06:46 GMT
Etag: "63885990-1d7"
Expires: Sat, 03 Dec 2022 08:53:41 GMT
Last-Modified: Thu, 01 Dec 2022 07:36:48 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         74.115.50.109
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Date: Thu, 01 Dec 2022 14:06:46 GMT
Server: Apache
Last-Modified: Tue, 29 Nov 2022 20:11:58 GMT
ETag: "10be-5eea1999e7f80"
Accept-Ranges: bytes
Content-Length: 4286
X-Host: grn95.sf2p.intern.weebly.net
Vary: User-Agent
Keep-Alive: timeout=10, max=39
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-editor=HMFABMAK; Domain=weebly.com; Path=/


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    4d27526198ac873ccec96935198e0fb9
Sha1:   b98d8b73ad6a0f7477c3397561b4aab37bf262aa
Sha256: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1842
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.214.185.169
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:06:46 GMT
content-length: 2
server: nginx
set-cookie: sp=d2bba086-0aa6-46f5-ab66-2876bea79ece; Expires=Fri, 01 Dec 2023 14:06:46 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://bt-106724.weeblysite.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1 
Host: bt-106724.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ==
Content-Length: 77
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903605.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050; websitespring-xsrf=eyJpdiI6ImhMWTV6TE9FXC9CZWlwc1wvSERaanJSUT09IiwidmFsdWUiOiJuWTlcL0pDd1FicUl5MzdBZEllWG85V1Q4WDlraUtBMWFvalAxU3Y3MHE3cm03NCs4elNJRjZtakJUVTU1RkxZXC9lcStNTnRWZ2h0YzJnd0xmcjRTUjRFNThQYlR6bHQ1NEpYSjNaeFRTWU1ZQUhndmZmbzJGbGxuVVprTlV1TmN3IiwibWFjIjoiOTc0YTc5OWI4NWFjNDIzODJhYjA2NmUwNGQ4M2ZkNmNmNDcyYzNjOTI2ZWVhNjg4NzY2MDM1YWI3YzQ4MThhMyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         199.34.228.97
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:06:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn9.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 80
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   80
Md5:    49ccb1672036652093e2af110970392c
Sha1:   0a448340d7898a7cc714db06964c46d6db44ae74
Sha256: 3714771a4773e635f63ae32d648364782f11e72a0a60918baf978ebb6ec1c22d

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1 
Host: bt-106724.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ==
Content-Length: 89
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903605.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050; websitespring-xsrf=eyJpdiI6ImhMWTV6TE9FXC9CZWlwc1wvSERaanJSUT09IiwidmFsdWUiOiJuWTlcL0pDd1FicUl5MzdBZEllWG85V1Q4WDlraUtBMWFvalAxU3Y3MHE3cm03NCs4elNJRjZtakJUVTU1RkxZXC9lcStNTnRWZ2h0YzJnd0xmcjRTUjRFNThQYlR6bHQ1NEpYSjNaeFRTWU1ZQUhndmZmbzJGbGxuVVprTlV1TmN3IiwibWFjIjoiOTc0YTc5OWI4NWFjNDIzODJhYjA2NmUwNGQ4M2ZkNmNmNDcyYzNjOTI2ZWVhNjg4NzY2MDM1YWI3YzQ4MThhMyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         199.34.228.97
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:06:46 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn23.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   182
Md5:    6f6b6b81dd3714cd388808342e960a10
Sha1:   f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
Sha256: 2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-816ece5&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=10e326a7-e72e-4b71-9895-fe6281d76223&batch_time=1669903605230 HTTP/1.1 
Host: rum.browser-intake-datadoghq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16156
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         3.233.155.115
HTTP/2 202 Accepted
content-type: application/json
                                        
date: Thu, 01 Dec 2022 14:06:47 GMT
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   53
Md5:    6116fd38c6bcb1bdb60b0eee41dad1a2
Sha1:   fc5908948d56bbdc80a6b321ff8cbacadc7c3130
Sha256: e79e84f24ba809e7ed3143d6e676af4b7b79f8c65c5fd06918b57243da637dc3
                                        
                                            GET /uploads/b/c70301eedb2c0a8273d92f032041b1d2d5f658da4001b1e867323b64328cec8d/Captureee_1669857414.PNG?width=400 HTTP/1.1 
Host: bt-106724.weeblysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Cookie: publishedsite-xsrf=eyJpdiI6InUrZ0tIRHJqK0xmSzFEalZkTmIrQVE9PSIsInZhbHVlIjoiVlFnRmJYdnpwMXJiVWszVFh1U3hlVDZSMlYxdWpRdCtnY3hUQ3Z0d0lPVzJySStsR29mcDRvRXpEcjBQR1Bya1FDUGp6NEsxeFRteWtPTzVKQjNDaTZDWVpYWUpMVERjMUg5VjgrdmV2V1czM0RsVDB5RTRZVEZSNlRuYmU3eFAiLCJtYWMiOiI0MjY4ODgzODg2OGZjOTJhZjZiNTIwYmEyNmQ5NjQyMmI5ODM4YjhiMDEzNGJjOTllZDE4ZWJkMzZiNzYyZTFmIn0%3D; XSRF-TOKEN=eyJpdiI6IlVtb05ONzVcLzdrUzNnRlwvTHpNSTZWZz09IiwidmFsdWUiOiJaT044U1hvUHh6anp6Z2JtUEk3NWRMRmZvbmRBcEtWR2c2Qlc0MzA2THhoUVBPaFFnelpNVm1VM2VHMzZDNlh3cjU5eGkwT1dCUUl4T0VaN3NFUnc2RXdWUTNadmJrK1c5U0FQVEo3NjY2eVZaZGlGTkkwSHBMc3lXV1F5OVEyYiIsIm1hYyI6IjY5MGQ5ZjcyNjMxMGFiYjdkZjc2NmJmMTUwZTNlMmQ5ZGQ4NzMyMGRkY2I1YmM0ZjNlZjBmOWJlNDYyYWFlZDUifQ%3D%3D; PublishedSiteSession=eyJpdiI6Iks2SG81ZTBsTHp5OFVmdm5zYlJ6bVE9PSIsInZhbHVlIjoidzVEQjU5RzdPd2hER2czQ3BOdVwvYjZ3ZGxNUFcwaDVjVVkwV0FBWGg0UGYrdmpJcHpZRTNiRVwvMld2M1hlSWJycHBqblFXWWtCNjE0MzErcThHZ29CMGwzNVIxUGNidWFBVFJIZVd6TUl3OWZ0VWZ2NDV5N2JuMVplM0NZM0F2RCIsIm1hYyI6ImJiZTJjNGZmYzk5NzY4N2ZmZjhkODYzZDU2ODY5YmE4ZGM1NDY5ODg0OWY2NzY2OGVlOGFhYzJhMGYxNDQyMjEifQ%3D%3D; _snow_ses.a289=*; _snow_id.a289=6576b4e7-930a-4694-a6dd-662dba889566.1669903604.1.1669903605.1669903604.353a3232-5783-4af5-9eab-78f2d5b9fe60; _dd_s=rum=1&id=7871d3d6-0ca2-4a76-bad6-ab525c5e2b48&created=1669903604050&expire=1669904504050; websitespring-xsrf=eyJpdiI6ImhMWTV6TE9FXC9CZWlwc1wvSERaanJSUT09IiwidmFsdWUiOiJuWTlcL0pDd1FicUl5MzdBZEllWG85V1Q4WDlraUtBMWFvalAxU3Y3MHE3cm03NCs4elNJRjZtakJUVTU1RkxZXC9lcStNTnRWZ2h0YzJnd0xmcjRTUjRFNThQYlR6bHQ1NEpYSjNaeFRTWU1ZQUhndmZmbzJGbGxuVVprTlV1TmN3IiwibWFjIjoiOTc0YTc5OWI4NWFjNDIzODJhYjA2NmUwNGQ4M2ZkNmNmNDcyYzNjOTI2ZWVhNjg4NzY2MDM1YWI3YzQ4MThhMyJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         199.34.228.97
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:06:47 GMT
Content-Length: 2478
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "+Z5goQvcNfZqwi3/n9h/suX89jUUKFo7B3xB89qmnTU"
Fastly-Io-Info: ifsz=3623 idim=88x79 ifmt=png ofsz=2478 odim=88x79 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000003d2a8264-0063880088-c6aed46-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zbc1d
X-Storage-Object: bc1dec5fed4def6035ebf29eac90c882161afbc102d79d4ec1ec179ca532c417
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 2075
X-Served-By: cache-sjc10057-SJC, cache-pao17429-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669903607.124200,VS0,VE6
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu33.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2478
Md5:    9d8b37e3c618a72a4d4e0a3e92020c56
Sha1:   a159f83af1ca6e4fc7827172176d603d68151b07
Sha256: 3b1d0723c2d2472ee8a33a7494042723d3fd862cca7a6756f3326e9f8e6cce86

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-816ece5&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=b219aca3-5e42-4fc8-bb41-b7bce0be3db2&batch_time=1669903605159 HTTP/1.1 
Host: rum.browser-intake-datadoghq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15917
Origin: https://bt-106724.weeblysite.com
Connection: keep-alive
Referer: https://bt-106724.weeblysite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         3.233.155.115
HTTP/2 202 Accepted
content-type: application/json
                                        
date: Thu, 01 Dec 2022 14:06:47 GMT
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   53
Md5:    f7c5800f83535f270dd56b768e18758f
Sha1:   7950a563590afb45805d611f25cac71a956ec8bd
Sha256: 33714ee34144747675172d4b4f3da7b2401f23c0503c30236ea6450cb33fd839