Overview

URLaviva-group-emailverification.squarehealth.com/
IP 52.19.31.233 (Ireland)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-09 13:50:36 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.squarehealth.com (31) 0 2017-01-19 15:01:24 UTC 2022-12-02 14:50:06 UTC 52.19.31.233 Unknown ranking
r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-12-09 04:09:12 UTC 95.101.11.115
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-09 04:11:36 UTC 34.117.237.239
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-12-09 04:09:30 UTC 69.16.175.10
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-12-09 04:10:05 UTC 142.250.74.131
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-09 04:09:09 UTC 34.120.237.76
aviva-group-emailverification.squarehealth.com (1) 0 2022-12-08 00:16:01 UTC 2022-12-09 11:16:21 UTC 52.19.31.233 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-09 04:09:19 UTC 34.160.144.191
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-12-09 10:54:32 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-09 04:11:36 UTC 35.82.221.194
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-09 04:09:32 UTC 35.241.9.150
ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-12-09 12:55:51 UTC 104.18.32.68
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2022-12-09 13:28:57 UTC 216.58.211.4
www.gstatic.com (1) 0 2012-05-29 15:36:17 UTC 2022-12-09 04:33:35 UTC 216.58.211.3 Domain (gstatic.com) ranked at: 540

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-07 2 aviva-group-emailverification.squarehealth.com/ PayPal Inc.

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 52.19.31.233
Date UQ / IDS / BL URL IP
2022-12-09 13:50:36 +0000 0 - 0 - 1 aviva-group-emailverification.squarehealth.com/ 52.19.31.233


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-01-29 15:32:27 +0000 0 - 0 - 1 aerialfile.com/names 13.56.33.8
2023-01-29 15:31:03 +0000 0 - 0 - 2 newsscanner.info/ 75.2.18.233
2023-01-29 15:30:46 +0000 0 - 1 - 6 clickwinner.icu/e3c7b597-71e7-4f7e-b920-2d25d (...) 18.156.16.63
2023-01-29 15:30:46 +0000 0 - 1 - 7 clickwinner.icu/9be5bab8-6a49-47f7-b94e-f1737 (...) 18.156.16.63
2023-01-29 15:30:21 +0000 0 - 0 - 2 52.85.224.36/ 52.85.224.36


Last 4 reports on domain: squarehealth.com
Date UQ / IDS / BL URL IP
2022-12-09 13:50:36 +0000 0 - 0 - 1 aviva-group-emailverification.squarehealth.com/ 52.19.31.233
2022-12-08 00:16:12 +0000 0 - 0 - 4 aviva-group-emailverification.squarehealth.com/ 143.204.55.115
2022-11-27 00:10:42 +0000 0 - 0 - 4 aviva-group-emailverification.squarehealth.co (...) 143.204.55.100
2022-11-23 17:56:22 +0000 0 - 0 - 6 aviva-group-emailverification.squarehealth.com/ 143.204.55.115


No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (5)
#1 JavaScript::Eval (size: 15588) - SHA256: 0d4559ba47020dfb3d3229a79fae241152a0337f86a9c8a01bd5add41c1753b7
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var y = this || self,
        e = function(R) {
            return R
        },
        q = function(R, n) {
            if ((n = (R = y.trustedTypes, null), !R) || !R.createPolicy) return n;
            try {
                n = R.createPolicy("bg", {
                    createHTML: e,
                    createScript: e,
                    createScriptURL: e
                })
            } catch (k) {
                y.console && y.console.error(k.message)
            }
            return n
        };
    (0, eval)(function(R, n) {
        return (n = q()) && 1 === R.eval(n.createScript("1")) ? function(k) {
            return n.createScript(k)
        } : function(k) {
            return "" + k
        }
    }(y)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var p=function(R,n,k){k[V(R,n,k),Rl]=2796},nX=function(R,n){return R(function(k){k(n)}),[function(){return n}]},kz=function(R,n,k,q,c){for(n=(q=(c=n[3]|0,0),n[2])|0;14>q;q++)c=c>>>8|c<<24,k=k>>>8|k<<24,k+=R|0,c+=n|0,k^=n+2298,R=R<<3|R>>>29,c^=q+2298,R^=k,n=n<<3|n>>>29,n^=c;return[R>>>24&255,R>>>16&255,R>>>8&255,R>>>0&255,k>>>24&255,k>>>16&255,k>>>8&255,k>>>0&255]},E,L=function(R,n,k,q,c,y,e,K,N,Q,Z,w,U,h){if(y=v(n,278),y>=n.B)throw[x,31];for(c=(K=0,q=R,Q=y,n.c0.length);0<q;)Z=Q%8,N=8-(Z|0),N=N<q?N:q,U=Q>>3,w=n.i[U],k&&(e=n,e.A!=Q>>6&&(e.A=Q>>6,h=v(e,358),e.l=kz(e.O,[0,0,h[1],h[2]],e.A)),w^=n.l[U&c]),K|=(w>>8-(Z|0)-(N|0)&(1<<N)-1)<<(q|0)-(N|0),Q+=N,q-=N;return V(278,n,(k=K,(y|0)+(R|0))),k},yB=function(R,n,k,q){try{q=R[((n|0)+2)%3],R[n]=(R[n]|0)-(R[((n|0)+1)%3]|0)-(q|0)^(1==n?q<<k:q>>>k)}catch(c){throw c;}},eM=function(R,n){return n=P(R),n&128&&(n=n&127|P(R)<<7),n},qX=function(R,n,k){if((n=typeof R,"object")==n)if(R){if(R instanceof Array)return"array";if(R instanceof Object)return n;if("[object Window]"==(k=Object.prototype.toString.call(R),k))return"object";if("[object Array]"==k||"number"==typeof R.length&&"undefined"!=typeof R.splice&&"undefined"!=typeof R.propertyIsEnumerable&&!R.propertyIsEnumerable("splice"))return"array";if("[object Function]"==k||"undefined"!=typeof R.call&&"undefined"!=typeof R.propertyIsEnumerable&&!R.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==n&&"undefined"==typeof R.call)return"object";return n},C=function(R,n){R.P.splice(0,0,n)},G=function(R,n,k,q,c,y){if(n.C==n)for(c=v(n,R),421==R?(R=function(e,K,N,Q){if(c.mm!=(Q=((K=c.length,K)|0)-4>>3,Q)){Q=(c.mm=(N=[0,0,y[1],y[2]],Q),(Q<<3)-4);try{c.nk=kz(KX(c,Q),N,KX(c,(Q|0)+4))}catch(Z){throw Z;}}c.push(c.nk[K&7]^e)},y=v(n,408)):R=function(e){c.push(e)},q&&R(q&255),n=k.length,q=0;q<n;q++)R(k[q])},NX=function(R,n,k,q){for(;R.P.length;){k=(R.F=null,R).P.pop();try{q=ca(R,k)}catch(c){r(R,c)}if(n&&R.F){n=R.F,n(function(){B(true,R,true)});break}}return q},QB=function(R,n,k,q){return(q=I[R.substring(0,3)+"_"])?q(R.substring(3),n,k):nX(n,R)},sk=function(R,n,k,q,c){G(((c=(k=u((c=u((q=n&4,n&=3,R)),R)),v(R,c)),q)&&(c=pX(""+c)),n&&G(k,R,D(2,c.length)),k),R,c)},l=function(R,n,k,q,c,y,e,K,N){if((R.C=(((K=(y=(N=(c=(e=0<(k||R.X++,R).U&&R.S&&R.xh&&1>=R.J&&!R.L&&!R.F&&(!k||1<R.Z-n)&&0==document.hidden,4==R.X))||e?R.s():R.T,N-R.T),y)>>14,R).O&&(R.O^=K*(y<<2)),R).Y+=K,K||R.C),c)||e)R.X=0,R.T=N;if(!e||N-R.H<R.U-(q?255:k?5:2))return false;return!((V(278,(q=v(R,(R.Z=n,k?426:278)),R),R.B),R.P).push([jM,q,k?n+1:n]),R.F=z,0)},Ek=function(R,n,k){if(3==R.length){for(k=0;3>k;k++)n[k]+=R[k];for(k=[(R=0,13),8,13,12,16,5,3,10,15];9>R;R++)n[3](n,R%3,k[R])}},u=function(R,n){if(R.L)return Zn(R,R.N);return n=L(8,R,true),n&128&&(n^=128,R=L(2,R,true),n=(n<<2)+(R|0)),n},KX=function(R,n){return R[n]<<24|R[(n|0)+1]<<16|R[(n|0)+2]<<8|R[(n|0)+3]},we=function(R,n,k,q,c,y,e,K){return(c=d[n.I]((k=[-2,42,-72,-(y=va,46),-26,-71,k,61,(K=q&7,9),2],n.MJ)),c)[n.I]=function(N){e=N,K+=6+7*q,K&=7},c.concat=function(N){return(N=(e=(N=+(N=R%16+1,k)[K+59&7]*R*N-N*e- -2440*e+(y()|0)*N+1*R*R*N-2562*R*e-61*R*R*e+K+61*e*e,void 0),k[N]),k[(K+69&7)+(q&2)]=N,k)[K+(q&2)]=42,N},c},V=function(R,n,k){if(278==R||426==R)n.u[R]?n.u[R].concat(k):n.u[R]=h8(n,k);else{if(n.D&&358!=R)return;305==R||421==R||352==R||236==R||408==R?n.u[R]||(n.u[R]=we(R,n,k,54)):n.u[R]=we(R,n,k,113)}358==R&&(n.O=L(32,n,false),n.A=void 0)},P=function(R){return R.L?Zn(R,R.N):L(8,R,true)},B=function(R,n,k,q,c,y){if(n.P.length){(n.S=!(n.S&&0(),0),n).xh=k;try{q=n.s(),n.H=q,n.T=q,n.X=0,c=NX(n,k),y=n.s()-n.H,n.G+=y,y<(R?0:10)||0>=n.g--||(y=Math.floor(y),n.K.push(254>=y?y:254))}finally{n.S=false}return c}},xz=function(R,n,k,q){for(k=(q=u(n),0);0<R;R--)k=k<<8|P(n);V(q,n,k)},I,Pa=function(R,n,k,q){return v(R,(LX((q=v(R,278),R.i&&q<R.B?(V(278,R,R.B),Uk(k,R)):V(278,R,k),n),R),V(278,R,q),15))},Tu=function(R,n,k,q,c){for(c=(q=(k.In=(k.MJ=J8(k.I,(k.v0=(k.NJ=be,CX),k.c0=k[F],{get:function(){return this.concat()}})),d)[k.I](k.MJ,{value:{value:{}}}),[]),0);128>c;c++)q[c]=String.fromCharCode(c);B((C((C(k,(C(k,(p(340,(V((V(305,k,[160,((V(307,(V(327,(V(236,k,(p(59,k,(p(127,k,(p(119,(V(421,k,(V(270,k,(p(87,(p(158,(p(396,k,(p(448,k,(k.on=(p(362,(k.E9=(p((p(250,k,(p(371,(V(15,(p(354,k,(V(352,k,((p(442,k,(p(227,k,(p(103,k,(p(11,k,(p(121,(V(289,(p(173,(V(409,k,(p(275,k,(p(317,(p(375,k,(p(432,((p((p(295,(V(278,k,(k.B0=(k.wE=(k.P0=function(y){this.C=y},k.u=(k.R=void 0,[]),k.F=((k.O=(k.N=void 0,void 0),k.Y=1,k.U=0,(k.Rn=[],k).C=k,c=window.performance||{},k.j=[],(k.J=0,k).T=0,k.B=0,k.S=((k.A=void 0,k.X=void 0,k).i=[],k.H=(k.P=(k.xh=false,[]),k.g=(k.G=0,25),0),k.L=(k.l=void 0,void 0),k.D=false,k.Z=8001,false),k).K=[],null),0),c).timeOrigin||(c.timing||{}).navigationStart||0,0)),V(426,k,0),k),function(y,e,K,N){V((e=v(y,(N=(K=(N=(e=u(y),u(y)),u(y)),v(y,N)),e)),K),y,e in N|0)}),163),k,function(y,e,K,N){!l(y,e,true,false)&&(e=re(y),N=e.Ck,K=e.h,y.C==y||K==y.P0&&N==y)&&(V(e.un,y,K.apply(N,e.o)),y.T=y.s())}),p)(341,k,function(y,e,K,N){if(N=y.Rn.pop()){for(K=P(y);0<K;K--)e=u(y),N[e]=y.u[e];y.u=(N[236]=y.u[236],N[307]=y.u[307],N)}else V(278,y,y.B)}),k),function(y,e){(e=v(y,u(y)),Uk)(e,y.C)}),function(y,e,K,N){(e=v(y,(N=v((K=(N=u((e=u(y),y)),u(y)),y),N),e))==N,V)(K,y,+e)})),k),function(y){xz(4,y)}),function(y,e,K,N,Q,Z){if(!l(y,e,true,true)){if("object"==(y=v((N=(Q=v((e=v((N=(e=(Q=(Z=u(y),u)(y),u(y)),u)(y),y),e),y),Q),v(y,N)),y),Z),qX)(y)){for(K in Z=[],y)Z.push(K);y=Z}for(Z=(e=0<e?e:1,K=y.length,0);Z<K;Z+=e)Q(y.slice(Z,(Z|0)+(e|0)),N)}})),p(193,k,function(y,e,K,N,Q){0!==(Q=v(y,(K=(e=v((N=v(y,(N=(Q=u((K=u(y),y)),e=u(y),u(y)),N)),y),e),v(y.C,K)),Q)),K)&&(N=Ba(e,N,y,1,K,Q),K.addEventListener(Q,N,W),V(270,y,[K,Q,N]))}),687)),k),function(y){sk(y,4)}),k),0),k),function(){}),function(y,e,K,N,Q,Z,w){for(w=(e=(K=(N=u(y),Z=eM(y),Q="",v(y,115)),K.length),0);Z--;)w=((w|0)+(eM(y)|0))%e,Q+=q[K[w]];V(N,y,Q)})),function(y,e,K){K=v((e=(K=(e=u(y),u(y)),0!=v(y,e)),y),K),e&&V(278,y,K)})),function(y,e,K,N,Q){for(K=(e=(N=u(y),eM)(y),0),Q=[];K<e;K++)Q.push(P(y));V(N,y,Q)})),function(y,e,K){(e=u((K=u(y),y)),V)(e,y,""+v(y,K))})),V)(408,k,[0,0,0]),[])),function(y,e,K,N,Q,Z,w,U,h,T,Y,J){function f(b,a){for(;e<b;)T|=P(y)<<e,e+=8;return T>>=(a=T&(e-=b,(1<<b)-1),b),a}for(K=(h=(U=(Y=(e=T=(Z=u(y),0),f(3)|0)+1,f(5)),0),[]),Q=0;Q<U;Q++)J=f(1),K.push(J),h+=J?0:1;for(Q=(N=(h=((h|0)-1).toString(2).length,[]),0);Q<U;Q++)K[Q]||(N[Q]=f(h));for(h=0;h<U;h++)K[h]&&(N[h]=u(y));for(w=[];Y--;)w.push(v(y,u(y)));p(Z,y,function(b,a,O,VB,X){for(O=(VB=(X=[],[]),0);O<U;O++){if(a=N[O],!K[O]){for(;a>=X.length;)X.push(u(b));a=X[a]}VB.push(a)}b.L=h8(b,w.slice()),b.N=h8(b,VB)})})),k),{}),k),function(y){al(y,1)}),function(y,e,K){l(y,e,true,false)||(e=u(y),K=u(y),V(K,y,function(N){return eval(N)}(Gu(v(y.C,e)))))})),499),k,function(y){sk(y,3)}),0),k),function(y,e,K,N){K=(N=P((e=u(y),y)),u(y)),V(K,y,v(y,e)>>>N)}),0),function(y,e,K,N){V((e=v(y,(N=v(y,(K=u((N=u(y),y)),N)),K)),K),y,e+N)})),function(y,e){y=(e=u(y),v)(y.C,e),y[0].removeEventListener(y[1],y[2],W)})),k),function(y,e,K,N,Q){V((K=v(y,(N=(Q=v(y,(Q=(N=(K=(e=u(y),u(y)),u(y)),u)(y),Q)),v(y,N)),K)),e),y,Ba(K,N,y,Q))}),k),function(y,e,K){V((K=v(y,(e=(K=u(y),u(y)),K)),K=qX(K),e),y,K)}),0)),S(4))),k),function(y,e,K,N,Q,Z){l(y,e,true,false)||(N=re(y.C),e=N.o,Z=N.Ck,Q=N.h,K=e.length,N=N.un,e=0==K?new Z[Q]:1==K?new Z[Q](e[0]):2==K?new Z[Q](e[0],e[1]):3==K?new Z[Q](e[0],e[1],e[2]):4==K?new Z[Q](e[0],e[1],e[2],e[3]):2(),V(N,y,e))}),function(y,e,K,N){N=u((e=u(y),y)),K=u(y),y.C==y&&(N=v(y,N),K=v(y,K),v(y,e)[N]=K,358==e&&(y.A=void 0,2==N&&(y.O=L(32,y,false),y.A=void 0)))})),function(y){al(y,4)})),[])),k),H),k),2048),k).an=0,0),0]),120),k,k),k),function(y,e,K,N){V((K=v((e=v(y,(N=u((K=u((e=u(y),y)),y)),e)),y),K),N),y,e[K])}),p(472,k,function(y,e,K,N){N=(e=u(y),u)(y),K=u(y),V(K,y,v(y,e)||v(y,N))}),[Rl])),[A,n])),k),[Il,R]),true),k,true)},J8=function(R,n){return d[R](d.prototype,{pop:n,replace:n,length:n,document:n,splice:n,parent:n,stack:n,floor:n,prototype:n,console:n,call:n,propertyIsEnumerable:n})},pX=function(R,n,k,q,c){for(q=(R=R.replace(/\\r\\n/g,"\\n"),n=0,[]),k=0;n<R.length;n++)c=R.charCodeAt(n),128>c?q[k++]=c:(2048>c?q[k++]=c>>6|192:(55296==(c&64512)&&n+1<R.length&&56320==(R.charCodeAt(n+1)&64512)?(c=65536+((c&1023)<<10)+(R.charCodeAt(++n)&1023),q[k++]=c>>18|240,q[k++]=c>>12&63|128):q[k++]=c>>12|224,q[k++]=c>>6&63|128),q[k++]=c&63|128);return q},LX=function(R,n,k,q,c,y){if(!n.R){n.J++;try{for(k=(q=(y=void 0,n).B,0);--R;)try{if((c=void 0,n).L)y=Zn(n,n.L);else{if(k=v(n,278),k>=q)break;y=(c=(V(426,n,k),u(n)),v)(n,c)}(y&&y[ue]&2048?y(n,R):M(n,0,[x,21,c]),l)(n,R,false,false)}catch(e){v(n,409)?M(n,22,e):V(409,n,e)}if(!R){if(n.Lk){n.J--,LX(338687074593,n);return}M(n,0,[x,33])}}catch(e){try{M(n,22,e)}catch(K){r(n,K)}}n.J--}},Zn=function(R,n){return(n=n.create().shift(),R.L.create()).length||R.N.create().length||(R.L=void 0,R.N=void 0),n},Dn=function(R,n,k,q){function c(){}return{invoke:(k=QB((q=void 0,R),function(y){c&&(n&&z(n),q=y,c(),c=void 0)},!!n)[0],function(y,e,K,N){function Q(){q(function(Z){z(function(){y(Z)})},K)}if(!e)return e=k(K),y&&y(e),e;q?Q():(N=c,c=function(){N(),z(Q)})})}},v=function(R,n){if(void 0===(R=R.u[n],R))throw[x,30,n];if(R.value)return R.create();return R.create(1*n*n+42*n+-40),R.prototype},D=function(R,n,k,q){for(k=(q=(R|0)-1,[]);0<=q;q--)k[(R|0)-1-(q|0)]=n>>8*q&255;return k},Uk=function(R,n){V(278,((n.Rn.push(n.u.slice()),n.u)[278]=void 0,n),R)},r=function(R,n){R.R=((R.R?R.R+"~":"E:")+n.message+":"+n.stack).slice(0,2048)},fX=function(R,n,k){return n.W(function(q){k=q},false,R),k},Ba=function(R,n,k,q,c,y){function e(){if(k.C==k){if(k.u){var K=[m,R,n,void 0,c,y,arguments];if(2==q)var N=B(false,(C(k,K),k),false);else if(1==q){var Q=!k.P.length;C(k,K),Q&&B(false,k,false)}else N=ca(k,K);return N}c&&y&&c.removeEventListener(y,e,W)}}return e},S=function(R,n){for(n=[];R--;)n.push(255*Math.random()|0);return n},ca=function(R,n,k,q,c){if(c=n[0],c==g)R.g=25,R.v(n);else if(c==F){q=n[1];try{k=R.R||R.v(n)}catch(y){r(R,y),k=R.R}q(k)}else if(c==jM)R.v(n);else if(c==A)R.v(n);else if(c==Il){try{for(k=0;k<R.j.length;k++)try{q=R.j[k],q[0][q[1]](q[2])}catch(y){}}catch(y){}(0,n[R.j=[],1])(function(y,e){R.W(y,true,e)},function(y){(C((y=!R.P.length,R),[ue]),y)&&B(false,R,true)})}else{if(c==m)return k=n[2],V(126,R,n[6]),V(15,R,k),R.v(n);c==ue?(R.K=[],R.i=[],R.u=null):c==Rl&&"loading"===H.document.readyState&&(R.F=function(y,e){function K(){e||(e=true,y())}H.document.addEventListener("DOMContentLoaded",(e=false,K),W),H.addEventListener("load",K,W)})}},al=function(R,n,k,q){G((k=u(R),q=u(R),q),R,D(n,v(R,k)))},$z=function(R,n){if((R=null,n=H.trustedTypes,!n)||!n.createPolicy)return R;try{R=n.createPolicy("bg",{createHTML:zu,createScript:zu,createScriptURL:zu})}catch(k){H.console&&H.console.error(k.message)}return R},zu=function(R){return R},M=function(R,n,k,q,c,y){if(!R.D){if((k=v(R,(n=(0==(q=((c=void 0,k&&k[0]===x)&&(c=k[2],n=k[1],k=void 0),v)(R,236),q).length&&(y=v(R,426)>>3,q.push(n,y>>8&255,y&255),void 0!=c&&q.push(c&255)),""),k&&(k.message&&(n+=k.message),k.stack&&(n+=":"+k.stack)),307)),3)<k){R.C=(c=(n=pX((k-=((n=n.slice(0,(k|0)-3),n.length)|0)+3,n)),R.C),R);try{G(421,R,D(2,n.length).concat(n),9)}finally{R.C=c}}V(307,R,k)}},H=this||self,t=function(R,n,k){k=this;try{Tu(n,R,this)}catch(q){r(this,q),n(function(c){c(k.R)})}},h8=function(R,n,k){return k=d[R.I](R.In),k[R.I]=function(){return n},k.concat=function(q){n=q},k},W={passive:true,capture:true},re=function(R,n,k,q,c,y){for(q=(c=(n=(k=u((y=R[le]||{},R)),y.un=u(R),y.o=[],R.C==R?(P(R)|0)-1:1),u(R)),0);q<n;q++)y.o.push(u(R));for(y.Ck=v(R,c);n--;)y.o[n]=v(R,y.o[n]);return y.h=v(R,k),y},z=H.requestIdleCallback?function(R){requestIdleCallback(function(){R()},{timeout:4})}:H.setImmediate?function(R){setImmediate(R)}:function(R){setTimeout(R,0)},de=function(R,n){n.push(R[0]<<24|R[1]<<16|R[2]<<8|R[3]),n.push(R[4]<<24|R[5]<<16|R[6]<<8|R[7]),n.push(R[8]<<24|R[9]<<16|R[10]<<8|R[11])},le=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),x=((t.prototype.V="toString",t.prototype.Lk=false,t).prototype.Qy=void 0,{}),g=[],Il=[],jM=[],A=[],m=[],ue=(t.prototype.kh=void 0,[]),F=[],Rl=[],d=(E=((de,function(){})(S),yB,Ek,t.prototype),E.zc=function(){return Math.floor(this.G+(this.s()-this.H))},x.constructor),va=(E.s=(t.prototype.I="create",(E.dE=(E.W=function(R,n,k,q,c){if((k="array"===qX(k)?k:[k],this).R)R(this.R);else try{q=!this.P.length,c=[],C(this,[g,c,k]),C(this,[F,R,c]),n&&!q||B(true,this,n)}catch(y){r(this,y),R(this.R)}},function(R,n,k,q,c,y){for(c=q=0,y=[];q<R.length;q++)for(c+=n,k=k<<n|R[q];7<c;)c-=8,y.push(k>>c&255);return y}),(E.eN=(E.s9=function(R,n,k){return((n=(n^=n<<13,n^=n>>17,(n^n<<5)&k))||(n=1),R)^n},function(R,n,k,q,c){for(q=c=0;c<R.length;c++)q+=R.charCodeAt(c),q+=q<<10,q^=q>>6;return c=new Number((q+=q<<3,q^=q>>11,R=q+(q<<15)>>>0,R&(1<<n)-1)),c[0]=(R>>>n)%k,c}),E.FH=function(){return Math.floor(this.s())},window.performance||{}).now)?function(){return this.B0+window.performance.now()}:function(){return+new Date}),void 0),CX=((t.prototype.v=function(R,n){return n={},va=(R={},function(){return n==R?-40:9}),function(k,q,c,y,e,K,N,Q,Z,w,U,h,T,Y,J){n=(Y=n,R);try{if(h=k[0],h==A){T=k[1];try{for(Q=(y=atob(T),e=[],K=0);Q<y.length;Q++)J=y.charCodeAt(Q),255<J&&(e[K++]=J&255,J>>=8),e[K++]=J;V(358,this,(this.B=(this.i=e,this.i).length<<3,[0,0,0]))}catch(f){M(this,17,f);return}LX(8001,this)}else if(h==g)k[1].push(v(this,307),v(this,421).length,v(this,352).length,v(this,305).length),V(15,this,k[2]),this.u[349]&&Pa(this,8001,v(this,349));else{if(h==F){this.C=(Z=(U=D(2,(v(this,(K=k[2],305)).length|0)+2),this.C),this);try{w=v(this,236),0<w.length&&G(305,this,D(2,w.length).concat(w),10),G(305,this,D(1,this.Y),109),G(305,this,D(1,this[F].length)),y=0,y-=(v(this,305).length|0)+5,y+=v(this,289)&2047,q=v(this,421),4<q.length&&(y-=(q.length|0)+3),0<y&&G(305,this,D(2,y).concat(S(y)),15),4<q.length&&G(305,this,D(2,q.length).concat(q),156)}finally{this.C=Z}if(c=((Q=S(2).concat(v(this,305)),Q[1]=Q[0]^6,Q[3]=Q[1]^U[0],Q)[4]=Q[1]^U[1],this.rE(Q)))c="!"+c;else for(c="",y=0;y<Q.length;y++)N=Q[y][this.V](16),1==N.length&&(N="0"+N),c+=N;return v(this,(v((v((V(307,this,(e=c,K.shift())),this),421).length=K.shift(),this),352).length=K.shift(),305)).length=K.shift(),e}if(h==jM)Pa(this,k[2],k[1]);else if(h==m)return Pa(this,8001,k[1])}}finally{n=Y}}}(),t.prototype).rE=function(R,n,k,q){if(n=window.btoa){for(q=(k=0,"");k<R.length;k+=8192)q+=String.fromCharCode.apply(null,R.slice(k,k+8192));R=n(q).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else R=void 0;return R},/./);(t.prototype.Ax=0,t.prototype).yy=0;var be,Fn=A.pop.bind((t.prototype[Il]=[0,0,1,1,0,1,1],t).prototype[g]),Gu=function(R,n){return(n=$z())&&1===R.eval(n.createScript("1"))?function(k){return n.createScript(k)}:function(k){return""+k}}(((be=J8(t.prototype.I,{get:(CX[t.prototype.V]=Fn,Fn)}),t.prototype).O9=void 0,H));40<(I=H.botguard||(H.botguard={}),I.m)||(I.m=41,I.bg=Dn,I.a=QB),I.bDL_=function(R,n,k){return k=new t(R,n),[function(q){return fX(q,k)}]};}).call(this);'));
}).call(this);
#2 JavaScript::Eval (size: 22) - SHA256: 2ed176c7f9d5b3c8ca6ccdb0e994b6ddc34944c41fc4db7451fd7a3d27fed6f1
0,
function(y) {
    xz(2, y)
}
#3 JavaScript::Eval (size: 22522) - SHA256: eefb4a992740c581a14d21765abe17506ffcd8e0edfdee880ab4d9d130cf82a8
(function() {
    var p = function(R, n, k) {
            k[V(R, n, k), Rl] = 2796
        },
        nX = function(R, n) {
            return R(function(k) {
                k(n)
            }), [function() {
                return n
            }]
        },
        kz = function(R, n, k, q, c) {
            for (n = (q = (c = n[3] | 0, 0), n[2]) | 0; 14 > q; q++) c = c >>> 8 | c << 24, k = k >>> 8 | k << 24, k += R | 0, c += n | 0, k ^= n + 2298, R = R << 3 | R >>> 29, c ^= q + 2298, R ^= k, n = n << 3 | n >>> 29, n ^= c;
            return [R >>> 24 & 255, R >>> 16 & 255, R >>> 8 & 255, R >>> 0 & 255, k >>> 24 & 255, k >>> 16 & 255, k >>> 8 & 255, k >>> 0 & 255]
        },
        E, L = function(R, n, k, q, c, y, e, K, N, Q, Z, w, U, h) {
            if (y = v(n, 278), y >= n.B) throw [x, 31];
            for (c = (K = 0, q = R, Q = y, n.c0.length); 0 < q;) Z = Q % 8, N = 8 - (Z | 0), N = N < q ? N : q, U = Q >> 3, w = n.i[U], k && (e = n, e.A != Q >> 6 && (e.A = Q >> 6, h = v(e, 358), e.l = kz(e.O, [0, 0, h[1], h[2]], e.A)), w ^= n.l[U & c]), K |= (w >> 8 - (Z | 0) - (N | 0) & (1 << N) - 1) << (q | 0) - (N | 0), Q += N, q -= N;
            return V(278, n, (k = K, (y | 0) + (R | 0))), k
        },
        yB = function(R, n, k, q) {
            try {
                q = R[((n | 0) + 2) % 3], R[n] = (R[n] | 0) - (R[((n | 0) + 1) % 3] | 0) - (q | 0) ^ (1 == n ? q << k : q >>> k)
            } catch (c) {
                throw c;
            }
        },
        eM = function(R, n) {
            return n = P(R), n & 128 && (n = n & 127 | P(R) << 7), n
        },
        qX = function(R, n, k) {
            if ((n = typeof R, "object") == n)
                if (R) {
                    if (R instanceof Array) return "array";
                    if (R instanceof Object) return n;
                    if ("[object Window]" == (k = Object.prototype.toString.call(R), k)) return "object";
                    if ("[object Array]" == k || "number" == typeof R.length && "undefined" != typeof R.splice && "undefined" != typeof R.propertyIsEnumerable && !R.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == k || "undefined" != typeof R.call && "undefined" != typeof R.propertyIsEnumerable && !R.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == n && "undefined" == typeof R.call) return "object";
            return n
        },
        C = function(R, n) {
            R.P.splice(0, 0, n)
        },
        G = function(R, n, k, q, c, y) {
            if (n.C == n)
                for (c = v(n, R), 421 == R ? (R = function(e, K, N, Q) {
                        if (c.mm != (Q = ((K = c.length, K) | 0) - 4 >> 3, Q)) {
                            Q = (c.mm = (N = [0, 0, y[1], y[2]], Q), (Q << 3) - 4);
                            try {
                                c.nk = kz(KX(c, Q), N, KX(c, (Q | 0) + 4))
                            } catch (Z) {
                                throw Z;
                            }
                        }
                        c.push(c.nk[K & 7] ^ e)
                    }, y = v(n, 408)) : R = function(e) {
                        c.push(e)
                    }, q && R(q & 255), n = k.length, q = 0; q < n; q++) R(k[q])
        },
        NX = function(R, n, k, q) {
            for (; R.P.length;) {
                k = (R.F = null, R).P.pop();
                try {
                    q = ca(R, k)
                } catch (c) {
                    r(R, c)
                }
                if (n && R.F) {
                    n = R.F, n(function() {
                        B(true, R, true)
                    });
                    break
                }
            }
            return q
        },
        QB = function(R, n, k, q) {
            return (q = I[R.substring(0, 3) + "_"]) ? q(R.substring(3), n, k) : nX(n, R)
        },
        sk = function(R, n, k, q, c) {
            G(((c = (k = u((c = u((q = n & 4, n &= 3, R)), R)), v(R, c)), q) && (c = pX("" + c)), n && G(k, R, D(2, c.length)), k), R, c)
        },
        l = function(R, n, k, q, c, y, e, K, N) {
            if ((R.C = (((K = (y = (N = (c = (e = 0 < (k || R.X++, R).U && R.S && R.xh && 1 >= R.J && !R.L && !R.F && (!k || 1 < R.Z - n) && 0 == document.hidden, 4 == R.X)) || e ? R.s() : R.T, N - R.T), y) >> 14, R).O && (R.O ^= K * (y << 2)), R).Y += K, K || R.C), c) || e) R.X = 0, R.T = N;
            if (!e || N - R.H < R.U - (q ? 255 : k ? 5 : 2)) return false;
            return !((V(278, (q = v(R, (R.Z = n, k ? 426 : 278)), R), R.B), R.P).push([jM, q, k ? n + 1 : n]), R.F = z, 0)
        },
        Ek = function(R, n, k) {
            if (3 == R.length) {
                for (k = 0; 3 > k; k++) n[k] += R[k];
                for (k = [(R = 0, 13), 8, 13, 12, 16, 5, 3, 10, 15]; 9 > R; R++) n[3](n, R % 3, k[R])
            }
        },
        u = function(R, n) {
            if (R.L) return Zn(R, R.N);
            return n = L(8, R, true), n & 128 && (n ^= 128, R = L(2, R, true), n = (n << 2) + (R | 0)), n
        },
        KX = function(R, n) {
            return R[n] << 24 | R[(n | 0) + 1] << 16 | R[(n | 0) + 2] << 8 | R[(n | 0) + 3]
        },
        we = function(R, n, k, q, c, y, e, K) {
            return (c = d[n.I]((k = [-2, 42, -72, -(y = va, 46), -26, -71, k, 61, (K = q & 7, 9), 2], n.MJ)), c)[n.I] = function(N) {
                e = N, K += 6 + 7 * q, K &= 7
            }, c.concat = function(N) {
                return (N = (e = (N = +(N = R % 16 + 1, k)[K + 59 & 7] * R * N - N * e - -2440 * e + (y() | 0) * N + 1 * R * R * N - 2562 * R * e - 61 * R * R * e + K + 61 * e * e, void 0), k[N]), k[(K + 69 & 7) + (q & 2)] = N, k)[K + (q & 2)] = 42, N
            }, c
        },
        V = function(R, n, k) {
            if (278 == R || 426 == R) n.u[R] ? n.u[R].concat(k) : n.u[R] = h8(n, k);
            else {
                if (n.D && 358 != R) return;
                305 == R || 421 == R || 352 == R || 236 == R || 408 == R ? n.u[R] || (n.u[R] = we(R, n, k, 54)) : n.u[R] = we(R, n, k, 113)
            }
            358 == R && (n.O = L(32, n, false), n.A = void 0)
        },
        P = function(R) {
            return R.L ? Zn(R, R.N) : L(8, R, true)
        },
        B = function(R, n, k, q, c, y) {
            if (n.P.length) {
                (n.S = !(n.S && 0(), 0), n).xh = k;
                try {
                    q = n.s(), n.H = q, n.T = q, n.X = 0, c = NX(n, k), y = n.s() - n.H, n.G += y, y < (R ? 0 : 10) || 0 >= n.g-- || (y = Math.floor(y), n.K.push(254 >= y ? y : 254))
                } finally {
                    n.S = false
                }
                return c
            }
        },
        xz = function(R, n, k, q) {
            for (k = (q = u(n), 0); 0 < R; R--) k = k << 8 | P(n);
            V(q, n, k)
        },
        I, Pa = function(R, n, k, q) {
            return v(R, (LX((q = v(R, 278), R.i && q < R.B ? (V(278, R, R.B), Uk(k, R)) : V(278, R, k), n), R), V(278, R, q), 15))
        },
        Tu = function(R, n, k, q, c) {
            for (c = (q = (k.In = (k.MJ = J8(k.I, (k.v0 = (k.NJ = be, CX), k.c0 = k[F], {get: function() {
                        return this.concat()
                    }
                })), d)[k.I](k.MJ, {
                    value: {
                        value: {}
                    }
                }), []), 0); 128 > c; c++) q[c] = String.fromCharCode(c);
            B((C((C(k, (C(k, (p(340, (V((V(305, k, [160, ((V(307, (V(327, (V(236, k, (p(59, k, (p(127, k, (p(119, (V(421, k, (V(270, k, (p(87, (p(158, (p(396, k, (p(448, k, (k.on = (p(362, (k.E9 = (p((p(250, k, (p(371, (V(15, (p(354, k, (V(352, k, ((p(442, k, (p(227, k, (p(103, k, (p(11, k, (p(121, (V(289, (p(173, (V(409, k, (p(275, k, (p(317, (p(375, k, (p(432, ((p((p(295, (V(278, k, (k.B0 = (k.wE = (k.P0 = function(y) {
                this.C = y
            }, k.u = (k.R = void 0, []), k.F = ((k.O = (k.N = void 0, void 0), k.Y = 1, k.U = 0, (k.Rn = [], k).C = k, c = window.performance || {}, k.j = [], (k.J = 0, k).T = 0, k.B = 0, k.S = ((k.A = void 0, k.X = void 0, k).i = [], k.H = (k.P = (k.xh = false, []), k.g = (k.G = 0, 25), 0), k.L = (k.l = void 0, void 0), k.D = false, k.Z = 8001, false), k).K = [], null), 0), c).timeOrigin || (c.timing || {}).navigationStart || 0, 0)), V(426, k, 0), k), function(y, e, K, N) {
                V((e = v(y, (N = (K = (N = (e = u(y), u(y)), u(y)), v(y, N)), e)), K), y, e in N | 0)
            }), 163), k, function(y, e, K, N) {
                !l(y, e, true, false) && (e = re(y), N = e.Ck, K = e.h, y.C == y || K == y.P0 && N == y) && (V(e.un, y, K.apply(N, e.o)), y.T = y.s())
            }), p)(341, k, function(y, e, K, N) {
                if (N = y.Rn.pop()) {
                    for (K = P(y); 0 < K; K--) e = u(y), N[e] = y.u[e];
                    y.u = (N[236] = y.u[236], N[307] = y.u[307], N)
                } else V(278, y, y.B)
            }), k), function(y, e) {
                (e = v(y, u(y)), Uk)(e, y.C)
            }), function(y, e, K, N) {
                (e = v(y, (N = v((K = (N = u((e = u(y), y)), u(y)), y), N), e)) == N, V)(K, y, +e)
            })), k), function(y) {
                xz(4, y)
            }), function(y, e, K, N, Q, Z) {
                if (!l(y, e, true, true)) {
                    if ("object" == (y = v((N = (Q = v((e = v((N = (e = (Q = (Z = u(y), u)(y), u(y)), u)(y), y), e), y), Q), v(y, N)), y), Z), qX)(y)) {
                        for (K in Z = [], y) Z.push(K);
                        y = Z
                    }
                    for (Z = (e = 0 < e ? e : 1, K = y.length, 0); Z < K; Z += e) Q(y.slice(Z, (Z | 0) + (e | 0)), N)
                }
            })), p(193, k, function(y, e, K, N, Q) {
                0 !== (Q = v(y, (K = (e = v((N = v(y, (N = (Q = u((K = u(y), y)), e = u(y), u(y)), N)), y), e), v(y.C, K)), Q)), K) && (N = Ba(e, N, y, 1, K, Q), K.addEventListener(Q, N, W), V(270, y, [K, Q, N]))
            }), 687)), k), function(y) {
                sk(y, 4)
            }), k), 0), k), function() {}), function(y, e, K, N, Q, Z, w) {
                for (w = (e = (K = (N = u(y), Z = eM(y), Q = "", v(y, 115)), K.length), 0); Z--;) w = ((w | 0) + (eM(y) | 0)) % e, Q += q[K[w]];
                V(N, y, Q)
            })), function(y, e, K) {
                K = v((e = (K = (e = u(y), u(y)), 0 != v(y, e)), y), K), e && V(278, y, K)
            })), function(y, e, K, N, Q) {
                for (K = (e = (N = u(y), eM)(y), 0), Q = []; K < e; K++) Q.push(P(y));
                V(N, y, Q)
            })), function(y, e, K) {
                (e = u((K = u(y), y)), V)(e, y, "" + v(y, K))
            })), V)(408, k, [0, 0, 0]), [])), function(y, e, K, N, Q, Z, w, U, h, T, Y, J) {
                function f(b, a) {
                    for (; e < b;) T |= P(y) << e, e += 8;
                    return T >>= (a = T & (e -= b, (1 << b) - 1), b), a
                }
                for (K = (h = (U = (Y = (e = T = (Z = u(y), 0), f(3) | 0) + 1, f(5)), 0), []), Q = 0; Q < U; Q++) J = f(1), K.push(J), h += J ? 0 : 1;
                for (Q = (N = (h = ((h | 0) - 1).toString(2).length, []), 0); Q < U; Q++) K[Q] || (N[Q] = f(h));
                for (h = 0; h < U; h++) K[h] && (N[h] = u(y));
                for (w = []; Y--;) w.push(v(y, u(y)));
                p(Z, y, function(b, a, O, VB, X) {
                    for (O = (VB = (X = [], []), 0); O < U; O++) {
                        if (a = N[O], !K[O]) {
                            for (; a >= X.length;) X.push(u(b));
                            a = X[a]
                        }
                        VB.push(a)
                    }
                    b.L = h8(b, w.slice()), b.N = h8(b, VB)
                })
            })), k), {}), k), function(y) {
                al(y, 1)
            }), function(y, e, K) {
                l(y, e, true, false) || (e = u(y), K = u(y), V(K, y, function(N) {
                    return eval(N)
                }(Gu(v(y.C, e)))))
            })), 499), k, function(y) {
                sk(y, 3)
            }), 0), k), function(y, e, K, N) {
                K = (N = P((e = u(y), y)), u(y)), V(K, y, v(y, e) >>> N)
            }), 0), function(y, e, K, N) {
                V((e = v(y, (N = v(y, (K = u((N = u(y), y)), N)), K)), K), y, e + N)
            })), function(y, e) {
                y = (e = u(y), v)(y.C, e), y[0].removeEventListener(y[1], y[2], W)
            })), k), function(y, e, K, N, Q) {
                V((K = v(y, (N = (Q = v(y, (Q = (N = (K = (e = u(y), u(y)), u(y)), u)(y), Q)), v(y, N)), K)), e), y, Ba(K, N, y, Q))
            }), k), function(y, e, K) {
                V((K = v(y, (e = (K = u(y), u(y)), K)), K = qX(K), e), y, K)
            }), 0)), S(4))), k), function(y, e, K, N, Q, Z) {
                l(y, e, true, false) || (N = re(y.C), e = N.o, Z = N.Ck, Q = N.h, K = e.length, N = N.un, e = 0 == K ? new Z[Q] : 1 == K ? new Z[Q](e[0]) : 2 == K ? new Z[Q](e[0], e[1]) : 3 == K ? new Z[Q](e[0], e[1], e[2]) : 4 == K ? new Z[Q](e[0], e[1], e[2], e[3]) : 2(), V(N, y, e))
            }), function(y, e, K, N) {
                N = u((e = u(y), y)), K = u(y), y.C == y && (N = v(y, N), K = v(y, K), v(y, e)[N] = K, 358 == e && (y.A = void 0, 2 == N && (y.O = L(32, y, false), y.A = void 0)))
            })), function(y) {
                al(y, 4)
            })), [])), k), H), k), 2048), k).an = 0, 0), 0]), 120), k, k), k), function(y, e, K, N) {
                V((K = v((e = v(y, (N = u((K = u((e = u(y), y)), y)), e)), y), K), N), y, e[K])
            }), p(472, k, function(y, e, K, N) {
                N = (e = u(y), u)(y), K = u(y), V(K, y, v(y, e) || v(y, N))
            }), [Rl])), [A, n])), k), [Il, R]), true), k, true)
        },
        J8 = function(R, n) {
            return d[R](d.prototype, {
                pop: n,
                replace: n,
                length: n,
                document: n,
                splice: n,
                parent: n,
                stack: n,
                floor: n,
                prototype: n,
                console: n,
                call: n,
                propertyIsEnumerable: n
            })
        },
        pX = function(R, n, k, q, c) {
            for (q = (R = R.replace(/\r\n/g, "\n"), n = 0, []), k = 0; n < R.length; n++) c = R.charCodeAt(n), 128 > c ? q[k++] = c : (2048 > c ? q[k++] = c >> 6 | 192 : (55296 == (c & 64512) && n + 1 < R.length && 56320 == (R.charCodeAt(n + 1) & 64512) ? (c = 65536 + ((c & 1023) << 10) + (R.charCodeAt(++n) & 1023), q[k++] = c >> 18 | 240, q[k++] = c >> 12 & 63 | 128) : q[k++] = c >> 12 | 224, q[k++] = c >> 6 & 63 | 128), q[k++] = c & 63 | 128);
            return q
        },
        LX = function(R, n, k, q, c, y) {
            if (!n.R) {
                n.J++;
                try {
                    for (k = (q = (y = void 0, n).B, 0); --R;) try {
                        if ((c = void 0, n).L) y = Zn(n, n.L);
                        else {
                            if (k = v(n, 278), k >= q) break;
                            y = (c = (V(426, n, k), u(n)), v)(n, c)
                        }(y && y[ue] & 2048 ? y(n, R) : M(n, 0, [x, 21, c]), l)(n, R, false, false)
                    } catch (e) {
                        v(n, 409) ? M(n, 22, e) : V(409, n, e)
                    }
                    if (!R) {
                        if (n.Lk) {
                            n.J--, LX(338687074593, n);
                            return
                        }
                        M(n, 0, [x, 33])
                    }
                } catch (e) {
                    try {
                        M(n, 22, e)
                    } catch (K) {
                        r(n, K)
                    }
                }
                n.J--
            }
        },
        Zn = function(R, n) {
            return (n = n.create().shift(), R.L.create()).length || R.N.create().length || (R.L = void 0, R.N = void 0), n
        },
        Dn = function(R, n, k, q) {
            function c() {}
            return {
                invoke: (k = QB((q = void 0, R), function(y) {
                    c && (n && z(n), q = y, c(), c = void 0)
                }, !!n)[0], function(y, e, K, N) {
                    function Q() {
                        q(function(Z) {
                            z(function() {
                                y(Z)
                            })
                        }, K)
                    }
                    if (!e) return e = k(K), y && y(e), e;
                    q ? Q() : (N = c, c = function() {
                        N(), z(Q)
                    })
                })
            }
        },
        v = function(R, n) {
            if (void 0 === (R = R.u[n], R)) throw [x, 30, n];
            if (R.value) return R.create();
            return R.create(1 * n * n + 42 * n + -40), R.prototype
        },
        D = function(R, n, k, q) {
            for (k = (q = (R | 0) - 1, []); 0 <= q; q--) k[(R | 0) - 1 - (q | 0)] = n >> 8 * q & 255;
            return k
        },
        Uk = function(R, n) {
            V(278, ((n.Rn.push(n.u.slice()), n.u)[278] = void 0, n), R)
        },
        r = function(R, n) {
            R.R = ((R.R ? R.R + "~" : "E:") + n.message + ":" + n.stack).slice(0, 2048)
        },
        fX = function(R, n, k) {
            return n.W(function(q) {
                k = q
            }, false, R), k
        },
        Ba = function(R, n, k, q, c, y) {
            function e() {
                if (k.C == k) {
                    if (k.u) {
                        var K = [m, R, n, void 0, c, y, arguments];
                        if (2 == q) var N = B(false, (C(k, K), k), false);
                        else if (1 == q) {
                            var Q = !k.P.length;
                            C(k, K), Q && B(false, k, false)
                        } else N = ca(k, K);
                        return N
                    }
                    c && y && c.removeEventListener(y, e, W)
                }
            }
            return e
        },
        S = function(R, n) {
            for (n = []; R--;) n.push(255 * Math.random() | 0);
            return n
        },
        ca = function(R, n, k, q, c) {
            if (c = n[0], c == g) R.g = 25, R.v(n);
            else if (c == F) {
                q = n[1];
                try {
                    k = R.R || R.v(n)
                } catch (y) {
                    r(R, y), k = R.R
                }
                q(k)
            } else if (c == jM) R.v(n);
            else if (c == A) R.v(n);
            else if (c == Il) {
                try {
                    for (k = 0; k < R.j.length; k++) try {
                        q = R.j[k], q[0][q[1]](q[2])
                    } catch (y) {}
                } catch (y) {}(0, n[R.j = [], 1])(function(y, e) {
                    R.W(y, true, e)
                }, function(y) {
                    (C((y = !R.P.length, R), [ue]), y) && B(false, R, true)
                })
            } else {
                if (c == m) return k = n[2], V(126, R, n[6]), V(15, R, k), R.v(n);
                c == ue ? (R.K = [], R.i = [], R.u = null) : c == Rl && "loading" === H.document.readyState && (R.F = function(y, e) {
                    function K() {
                        e || (e = true, y())
                    }
                    H.document.addEventListener("DOMContentLoaded", (e = false, K), W), H.addEventListener("load", K, W)
                })
            }
        },
        al = function(R, n, k, q) {
            G((k = u(R), q = u(R), q), R, D(n, v(R, k)))
        },
        $z = function(R, n) {
            if ((R = null, n = H.trustedTypes, !n) || !n.createPolicy) return R;
            try {
                R = n.createPolicy("bg", {
                    createHTML: zu,
                    createScript: zu,
                    createScriptURL: zu
                })
            } catch (k) {
                H.console && H.console.error(k.message)
            }
            return R
        },
        zu = function(R) {
            return R
        },
        M = function(R, n, k, q, c, y) {
            if (!R.D) {
                if ((k = v(R, (n = (0 == (q = ((c = void 0, k && k[0] === x) && (c = k[2], n = k[1], k = void 0), v)(R, 236), q).length && (y = v(R, 426) >> 3, q.push(n, y >> 8 & 255, y & 255), void 0 != c && q.push(c & 255)), ""), k && (k.message && (n += k.message), k.stack && (n += ":" + k.stack)), 307)), 3) < k) {
                    R.C = (c = (n = pX((k -= ((n = n.slice(0, (k | 0) - 3), n.length) | 0) + 3, n)), R.C), R);
                    try {
                        G(421, R, D(2, n.length).concat(n), 9)
                    } finally {
                        R.C = c
                    }
                }
                V(307, R, k)
            }
        },
        H = this || self,
        t = function(R, n, k) {
            k = this;
            try {
                Tu(n, R, this)
            } catch (q) {
                r(this, q), n(function(c) {
                    c(k.R)
                })
            }
        },
        h8 = function(R, n, k) {
            return k = d[R.I](R.In), k[R.I] = function() {
                return n
            }, k.concat = function(q) {
                n = q
            }, k
        },
        W = {
            passive: true,
            capture: true
        },
        re = function(R, n, k, q, c, y) {
            for (q = (c = (n = (k = u((y = R[le] || {}, R)), y.un = u(R), y.o = [], R.C == R ? (P(R) | 0) - 1 : 1), u(R)), 0); q < n; q++) y.o.push(u(R));
            for (y.Ck = v(R, c); n--;) y.o[n] = v(R, y.o[n]);
            return y.h = v(R, k), y
        },
        z = H.requestIdleCallback ? function(R) {
            requestIdleCallback(function() {
                R()
            }, {
                timeout: 4
            })
        } : H.setImmediate ? function(R) {
            setImmediate(R)
        } : function(R) {
            setTimeout(R, 0)
        },
        de = function(R, n) {
            n.push(R[0] << 24 | R[1] << 16 | R[2] << 8 | R[3]), n.push(R[4] << 24 | R[5] << 16 | R[6] << 8 | R[7]), n.push(R[8] << 24 | R[9] << 16 | R[10] << 8 | R[11])
        },
        le = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        x = ((t.prototype.V = "toString", t.prototype.Lk = false, t).prototype.Qy = void 0, {}),
        g = [],
        Il = [],
        jM = [],
        A = [],
        m = [],
        ue = (t.prototype.kh = void 0, []),
        F = [],
        Rl = [],
        d = (E = ((de, function() {})(S), yB, Ek, t.prototype), E.zc = function() {
            return Math.floor(this.G + (this.s() - this.H))
        }, x.constructor),
        va = (E.s = (t.prototype.I = "create", (E.dE = (E.W = function(R, n, k, q, c) {
            if ((k = "array" === qX(k) ? k : [k], this).R) R(this.R);
            else try {
                q = !this.P.length, c = [], C(this, [g, c, k]), C(this, [F, R, c]), n && !q || B(true, this, n)
            } catch (y) {
                r(this, y), R(this.R)
            }
        }, function(R, n, k, q, c, y) {
            for (c = q = 0, y = []; q < R.length; q++)
                for (c += n, k = k << n | R[q]; 7 < c;) c -= 8, y.push(k >> c & 255);
            return y
        }), (E.eN = (E.s9 = function(R, n, k) {
            return ((n = (n ^= n << 13, n ^= n >> 17, (n ^ n << 5) & k)) || (n = 1), R) ^ n
        }, function(R, n, k, q, c) {
            for (q = c = 0; c < R.length; c++) q += R.charCodeAt(c), q += q << 10, q ^= q >> 6;
            return c = new Number((q += q << 3, q ^= q >> 11, R = q + (q << 15) >>> 0, R & (1 << n) - 1)), c[0] = (R >>> n) % k, c
        }), E.FH = function() {
            return Math.floor(this.s())
        }, window.performance || {}).now) ? function() {
            return this.B0 + window.performance.now()
        } : function() {
            return +new Date
        }), void 0),
        CX = ((t.prototype.v = function(R, n) {
            return n = {}, va = (R = {}, function() {
                    return n == R ? -40 : 9
                }),
                function(k, q, c, y, e, K, N, Q, Z, w, U, h, T, Y, J) {
                    n = (Y = n, R);
                    try {
                        if (h = k[0], h == A) {
                            T = k[1];
                            try {
                                for (Q = (y = atob(T), e = [], K = 0); Q < y.length; Q++) J = y.charCodeAt(Q), 255 < J && (e[K++] = J & 255, J >>= 8), e[K++] = J;
                                V(358, this, (this.B = (this.i = e, this.i).length << 3, [0, 0, 0]))
                            } catch (f) {
                                M(this, 17, f);
                                return
                            }
                            LX(8001, this)
                        } else if (h == g) k[1].push(v(this, 307), v(this, 421).length, v(this, 352).length, v(this, 305).length), V(15, this, k[2]), this.u[349] && Pa(this, 8001, v(this, 349));
                        else {
                            if (h == F) {
                                this.C = (Z = (U = D(2, (v(this, (K = k[2], 305)).length | 0) + 2), this.C), this);
                                try {
                                    w = v(this, 236), 0 < w.length && G(305, this, D(2, w.length).concat(w), 10), G(305, this, D(1, this.Y), 109), G(305, this, D(1, this[F].length)), y = 0, y -= (v(this, 305).length | 0) + 5, y += v(this, 289) & 2047, q = v(this, 421), 4 < q.length && (y -= (q.length | 0) + 3), 0 < y && G(305, this, D(2, y).concat(S(y)), 15), 4 < q.length && G(305, this, D(2, q.length).concat(q), 156)
                                } finally {
                                    this.C = Z
                                }
                                if (c = ((Q = S(2).concat(v(this, 305)), Q[1] = Q[0] ^ 6, Q[3] = Q[1] ^ U[0], Q)[4] = Q[1] ^ U[1], this.rE(Q))) c = "!" + c;
                                else
                                    for (c = "", y = 0; y < Q.length; y++) N = Q[y][this.V](16), 1 == N.length && (N = "0" + N), c += N;
                                return v(this, (v((v((V(307, this, (e = c, K.shift())), this), 421).length = K.shift(), this), 352).length = K.shift(), 305)).length = K.shift(), e
                            }
                            if (h == jM) Pa(this, k[2], k[1]);
                            else if (h == m) return Pa(this, 8001, k[1])
                        }
                    } finally {
                        n = Y
                    }
                }
        }(), t.prototype).rE = function(R, n, k, q) {
            if (n = window.btoa) {
                for (q = (k = 0, ""); k < R.length; k += 8192) q += String.fromCharCode.apply(null, R.slice(k, k + 8192));
                R = n(q).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else R = void 0;
            return R
        }, /./);
    (t.prototype.Ax = 0, t.prototype).yy = 0;
    var be, Fn = A.pop.bind((t.prototype[Il] = [0, 0, 1, 1, 0, 1, 1], t).prototype[g]),
        Gu = function(R, n) {
            return (n = $z()) && 1 === R.eval(n.createScript("1")) ? function(k) {
                return n.createScript(k)
            } : function(k) {
                return "" + k
            }
        }(((be = J8(t.prototype.I, {get: (CX[t.prototype.V] = Fn, Fn)
        }), t.prototype).O9 = void 0, H));
    40 < (I = H.botguard || (H.botguard = {}), I.m) || (I.m = 41, I.bg = Dn, I.a = QB), I.bDL_ = function(R, n, k) {
        return k = new t(R, n), [function(q) {
            return fX(q, k)
        }]
    };
}).call(this);
#4 JavaScript::Eval (size: 22) - SHA256: 9bb0c662c12831d4a6a9d504b2534e28f08b91591da1303a05ad2b3e12a6e49e
0,
function(y) {
    xz(1, y)
}
#5 JavaScript::Eval (size: 64) - SHA256: cc158dc49db31ac40a09769c14f1e96ce12d8ee44ddb54a5321c32cd0536ef78
0,
function(y, e, K) {
    (e = (K = u((e = u(y), y)), y.u[e] && v(y, e)), V)(K, y, e)
}

Executed Writes (0)


HTTP Transactions (58)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: aviva-group-emailverification.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         52.19.31.233
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN
Location: https://www.squarehealth.com/
Content-Length: 213
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   213
Md5:    6d61088bbc1a05a48cd1b609554eead5
Sha1:   22be2aace2a56978628d0232d306191eedff74cf
Sha256: c317bf84564b3f21d822dd24f30dd8281fc9de1b01b0760cbdf78d6b9eb8f7df

Alerts:
  Blocklists:
    - openphish: PayPal Inc.
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6778
Expires: Fri, 09 Dec 2022 15:43:23 GMT
Date: Fri, 09 Dec 2022 13:50:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11918
Expires: Fri, 09 Dec 2022 17:09:03 GMT
Date: Fri, 09 Dec 2022 13:50:25 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 13:08:18 GMT
age: 2527
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8017
Expires: Fri, 09 Dec 2022 16:04:02 GMT
Date: Fri, 09 Dec 2022 13:50:25 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ++4p1M0nVBLIqlerhoDzvcJEJLu7ii5Broizf2fTBqLidayKLG91GNSbI8shJf1L1xz4yRIcraU=
x-amz-request-id: 7WRMKPBZFF03FT75
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 13:50:16 GMT
age: 9
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 13:50:25 GMT
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:50:25 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 06:29:57 GMT
Expires: Thu, 15 Dec 2022 06:29:56 GMT
Etag: "407aa021bff0569ca546d4ae6a9e1d05e542d625"
Cache-Control: max-age=491370,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776e35afcd85b529-OSL

                                        
                                            GET / HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=631138519; includeSubDomains
Link: <https://www.squarehealth.com/wp-json/>; rel="https://api.w.org/", <https://www.squarehealth.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://www.squarehealth.com/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 13480
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Size:   13480
Md5:    1e80ef11d9720c5538715f9c2f7247bf
Sha1:   82a6eaf3888361f38889b5081da6fc9b914c1aa9
Sha256: 40e94d5ec01f1e416eb182968dee81431e8682399622d4452ef30cc0a359ae02
                                        
                                            GET /wp-content/themes/sqhc/style.css?1665135116 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Fri, 07 Oct 2022 09:31:56 GMT
ETag: "114d9-5ea6e7b238d2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 11689
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65485)
Size:   11689
Md5:    a9736b87f8f787fc802e6f6f1cb3ad63
Sha1:   532f8c9aa5d6ad07975d3b3a4850511dd0041ba3
Sha256: c9567bafb55c316971dcac11f910c032b1d17afc75b8443d05d24a3cb2cfd582
                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squarehealth.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Dec 2022 13:50:25 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670593825.dop021.sk1.t,1670593825.cds214.sk1.hn,1670593825.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            GET /wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js?ver=5.9.1 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:15 GMT
ETag: "6f1-5d8322f344ecc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 711
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   711
Md5:    545c02f04e5a81d5bca8d76d9fb0c975
Sha1:   da73e6c70cd43bebd168f02742ff810b4ef549e6
Sha256: fbc0430b06aa945e5b5c8dab92ef0cf83defcf40663fd8f778dc0f2f17eb7306
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 13:07:55 GMT
age: 2550
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-content/plugins/uk-cookie-consent/assets/css/style.css?ver=5.9.1 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:15 GMT
ETag: "1230-5d8322f345e6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 1085
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1085
Md5:    70bfd015aacf0f89698e53e73322a4d2
Sha1:   27528d8beb369f74e25a584862566d94d438f0b3
Sha256: d742ed582c9aa664f8841ec9cade44c45624ada242f3e13d47150fddb4b9e88a
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Mar 2022 06:26:53 GMT
ETag: "aab-5d99af344c60c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   972
Md5:    8bf268dfcca7cb20719b7ea14373ef4a
Sha1:   58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
Sha256: eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Mar 2022 06:26:53 GMT
ETag: "25f8-5d99af344c60c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 3286
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (9720), with no line terminators
Size:   3286
Md5:    4ac0d5ab8d83806d59c4e1f7bf0a855a
Sha1:   81153a2f5e3a21febe9ede53c9f0073da3e14829
Sha256: 605fd4e7f4d3fbb5505bb81e3f72c685b6ef411c27cde2f7bab2787c3d870b10
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Mar 2022 06:24:25 GMT
ETag: "4b3d-5d99aea745d6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 7013
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19111)
Size:   7013
Md5:    3d97cdcc7f05c2b5782d39b135850bc3
Sha1:   d4427472e22221d71413745415a7b1e959da28f3
Sha256: 3b9a4010e3156a9143b38a24e91a5b34d898b1eeab165f49cda8c16212a968f7
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Mar 2022 06:24:25 GMT
ETag: "195e-5d99aea745d6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 2422
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6494), with no line terminators
Size:   2422
Md5:    c16f2821df385b57b616cb7c867e1253
Sha1:   6327ed04bc2d7c294db8358cdf8b06ff62c3eb13
Sha256: ff1c71b966df6e007b9175772a52be12d7dd9b65aafcb78a55046f60e792ae42
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.1 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Mar 2022 06:24:25 GMT
ETag: "145a9-5d99aea7670ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 11191
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (39759)
Size:   11191
Md5:    bfa398b8f599a6feadb0929ecbb1b5c9
Sha1:   c9d4356c293014f82e31f2a1b68d16c3496779ac
Sha256: a35cdc3026b5098c1bfc7c9ab02e4489e3634a7b1477828e7e70e34b16dbf465
                                        
                                            GET /wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js?ver=2.3.0 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:15 GMT
ETag: "6f1-5d8322f344ecc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 711
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   711
Md5:    545c02f04e5a81d5bca8d76d9fb0c975
Sha1:   da73e6c70cd43bebd168f02742ff810b4ef549e6
Sha256: fbc0430b06aa945e5b5c8dab92ef0cf83defcf40663fd8f778dc0f2f17eb7306
                                        
                                            GET /recaptcha/api.js?render=6LdEoj4iAAAAAJmUNyiXfkxDre3Kfd0ysyaX1gC8&ver=3.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 09 Dec 2022 13:50:25 GMT
date: Fri, 09 Dec 2022 13:50:25 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   582
Md5:    a998483cd6d0ddbfa0f49305a2d81853
Sha1:   939a7875965d21f0da92d417cb969e4708528d43
Sha256: a766eb7dc78a284411ee765dcc36113b293dde30a1217b73bebb181e6cb644e2
                                        
                                            GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 07 Mar 2022 06:26:53 GMT
ETag: "3e7-5d99af344a6cc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 507
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (999), with no line terminators
Size:   507
Md5:    22f32f77e17fa7640cda0a401c2b0844
Sha1:   019765feeed7ea2a9e9e506ce000978ea3ecd171
Sha256: 269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
                                        
                                            GET /wp-content/themes/sqhc/js/all.js HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "4863-5d8322eee4cec-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 5219
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (560)
Size:   5219
Md5:    b28e43fe071511cdd9ff49e85eb4eace
Sha1:   3afcea82ed18ef9a1bc60b1d502c3a85425a4993
Sha256: 93eeb0231e13a6a3dd1cb0f06384f0606d779b0e8027b921e93ddec75aba55a9
                                        
                                            GET /wp-content/themes/sqhc/images/pink-down-icon.svg HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "1e2-5d8322eefc3ec-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 351
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   351
Md5:    a19b752a78ecb73f5e79a7e6a1148ee5
Sha1:   865dbd63d9d8171ebff87987f8f09e2c857339b1
Sha256: 2f82a15fd28fb8c834b017f2e07250fbfb8c776a0f7c3108b3be46360312613f
                                        
                                            GET /wp-content/themes/sqhc/images/logo.svg HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "171e-5d8322eefb44c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 2389
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5383)
Size:   2389
Md5:    8f6fe487a55fa8f5f214565fb855ea4c
Sha1:   a7cd763031719aad0617c69666b5d4ec4a7e7791
Sha256: 90aa245b6a0aaa60685be94a74cf693005babafff95f47eaeba2cfbf7736bfa0
                                        
                                            GET /wp-content/themes/sqhc/images/white-down-arrow.svg HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "1f0-5d8322eef75cc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 356
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   356
Md5:    ca4ea4ae2f3efd138712b2dbfa05ed8a
Sha1:   26439f991df9fa963e39326184bf2bdd159ac672
Sha256: 011b97b15ea9c80e7c7dbb40b7c7a4b78302a976123006bdc4a89b5a78ea0aa9
                                        
                                            GET /wp-content/themes/sqhc/images/boxes-purple-reverse.svg HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "39d0-5d8322eef662c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 4076
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Size:   4076
Md5:    808c71bdcabcde00d90418aaffd06752
Sha1:   b2b1e64368db7c6f4879602630b49e65ee9bdbac
Sha256: a0ba291861c5665a124c4d51a8c60950821cfec0fcd203b4ff1e134f66076f1e
                                        
                                            GET /wp-content/themes/sqhc/images/boxes-purple.svg HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "39f5-5d8322eef856c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 4018
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text
Size:   4018
Md5:    37484a7a7d8e422af32cf982c1e6cbb4
Sha1:   87631df6c67eb7ae8a82be0f04d9d33479869487
Sha256: c8237aa6baf811674af26c8f74133f1bf6f1928dbe9485478a8e1daaa2889713
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:50:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6483
Cache-Control: max-age=162273
Date: Fri, 09 Dec 2022 13:50:25 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:54:58 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/themes/sqhc/fonts/Aileron-UltraLight.woff2 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.squarehealth.com/wp-content/themes/sqhc/style.css?1665135116
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "32a4-5d8322eee7bcc"
Accept-Ranges: bytes
Content-Length: 12964
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12964, version 1.0\012- data
Size:   12964
Md5:    db322523d873eb3a9c58652dfde935d5
Sha1:   830aae68f375592446a50c8d82a5a6aff6e51b41
Sha256: 9ad4f877b6c4192163b0ae15ea4fd30ef9b59471a95ea99ecac5a0182e244e25
                                        
                                            GET /wp-content/themes/sqhc/fonts/Aileron-Thin.woff2 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.squarehealth.com/wp-content/themes/sqhc/style.css?1665135116
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "3458-5d8322eee7bcc"
Accept-Ranges: bytes
Content-Length: 13400
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13400, version 1.0\012- data
Size:   13400
Md5:    2096027089ea79143f3a2f68a726d748
Sha1:   9d44a7287300fd4e1b72907cebf4aadadda1915c
Sha256: b119edb631500b23b21bc063e780b860813b711200d643e4f6381638b56c047b
                                        
                                            GET /wp-content/themes/sqhc/fonts/Aileron-Light.woff2 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.squarehealth.com/wp-content/themes/sqhc/style.css?1665135116
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "33e8-5d8322eeeaaac"
Accept-Ranges: bytes
Content-Length: 13288
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13288, version 1.0\012- data
Size:   13288
Md5:    80da7ef095a8267d886c4ca73b192b78
Sha1:   786cf43ff99b08f02b95446bda56b0083969d77a
Sha256: 9e0bf2b6a962f12dbdec9a5dd664c6a6bc53075a5f6b1ad0623e757ad7633423
                                        
                                            GET /wp-content/themes/sqhc/fonts/Aileron-SemiBold.woff2 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.squarehealth.com/wp-content/themes/sqhc/style.css?1665135116
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "3440-5d8322eee8b6c"
Accept-Ranges: bytes
Content-Length: 13376
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13376, version 1.0\012- data
Size:   13376
Md5:    1896b3a8e2eabd7b516b8d4466381c75
Sha1:   04c5fa8346c7793c14a1610ce718dc71b3331cb4
Sha256: 3930067995e74cc8062e4574ef931891a4cc25466f33e4e9f2c2e10b9b68f74c
                                        
                                            GET /wp-content/uploads/2017/07/clinical-excellence.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:13 GMT
ETag: "99c60-5d8322f19c1ec"
Accept-Ranges: bytes
Content-Length: 629856
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   629856
Md5:    2a8ad485510930c8398e109c4fc50a48
Sha1:   31fe3c50dc9831a92b74e4c144625bd947b23731
Sha256: c4dcb6aa03b043a72251a81d09d21644d2a00ad8aa38e567afe9d687ff1300e4
                                        
                                            GET /wp-content/uploads/2018/01/screening-banner-alt.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:11 GMT
ETag: "7fc15-5d8322ef91a8c"
Accept-Ranges: bytes
Content-Length: 523285
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   523285
Md5:    d3a9cee716b26d7d408f216d0d97352a
Sha1:   79e325880c7ff6be88139e828237f17adb8021c9
Sha256: 3d4a487af8632e912953920f3cbff42ab13d7edec35f30073af72f5712c8e610
                                        
                                            GET /wp-content/uploads/2017/07/health-tech-banner.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:13 GMT
ETag: "6a075-5d8322f15e98c"
Accept-Ranges: bytes
Content-Length: 434293
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   434293
Md5:    eb3aa6a647a3ca76ea4311a74603bbda
Sha1:   5145ccc9092391652b99191bf0dbc85fc0dddd49
Sha256: d011a65f53ca7e6656e8da718cf04f681cd5c1712dd4d5ed30b7ad2ca48bbdb6
                                        
                                            GET /wp-content/uploads/2017/07/advanced-healthcare.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:02 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:13 GMT
ETag: "a2c89-5d8322f1ba64c"
Accept-Ranges: bytes
Content-Length: 666761
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   666761
Md5:    6b50544b050c81f5d936a35d210d8b0a
Sha1:   c5c7b3421c05802d1a6705ca9058c95fadb4a31a
Sha256: da0295d4623b2253970dc016bff2f23c37229d8190e9f91b86ecddfb62183f2c
                                        
                                            GET /wp-content/uploads/2018/01/healthcare-banner-alt.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:11 GMT
ETag: "6e0bf-5d8322ef8dc0c"
Accept-Ranges: bytes
Content-Length: 450751
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   450751
Md5:    9c66a1640c91f9c87ff62e74d204159b
Sha1:   98cf13e56e4f2be2b6a59e3754c953b03a21696c
Sha256: 9375e09506ae4bccd0ae208b3542f61d30f91eb6209bbab7dd6f14d97dafa8cf
                                        
                                            GET /?wordfence_lh=1&hid=C5EA8FEE91BFFAD8F66BD5F244B56F71&r=0.993960596390398 HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=631138519; includeSubDomains
Link: <https://www.squarehealth.com/wp-json/>; rel="https://api.w.org/", <https://www.squarehealth.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://www.squarehealth.com/>; rel=shortlink
Connection: close
X-Robots-Tag: noindex
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Transfer-Encoding: chunked

                                        
                                            GET /wp-content/uploads/2017/07/corporates-banner.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:13 GMT
ETag: "71c29-5d8322f1397cc"
Accept-Ranges: bytes
Content-Length: 465961
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size:   465961
Md5:    99971e195a9b2fdd9007988992956ce0
Sha1:   587e56928ef82832db52861421987a4219eb99cd
Sha256: 78ee2cee28b561bafa77ef7b4c84f53fcefe9a7c579e1b269fd1664dc5dc8fa9
                                        
                                            POST /wp-admin/admin-ajax.php HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 29
Origin: https://www.squarehealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Referrer-Policy: same-origin, strict-origin-when-cross-origin
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive

                                        
                                            GET /wp-content/themes/sqhc/favicon.ico HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:11 GMT
ETag: "d1-5d8322ef021ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
Content-Length: 204
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   204
Md5:    746d40c53c6415f0d5905d60e1df2afc
Sha1:   e60ba8deea40ab5038db99b5ec960b7d586e1af7
Sha256: b054bb1a03f78f90108df744da0c8ac0031b23ebc9a376742157eb3f2eddce34
                                        
                                            GET /wp-content/themes/sqhc/images/meta/apple-touch-icon-iphone4.png HTTP/1.1 
Host: www.squarehealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.squarehealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         52.19.31.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 09 Dec 2022 13:29:03 GMT
Server:
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 17 Feb 2022 08:02:10 GMT
ETag: "169-5d8322eef180c"
Accept-Ranges: bytes
Content-Length: 361
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=631138519; includeSubDomains
Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' https://maps.googleapis.com https://code.jquery.com https://www.google.com https://www.gstatic.com https://www.cqc.org.uk; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.cqc.org.uk; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://maps.googleapis.com https://www.cqc.org.uk http://2.gravatar.com https://maps.gstatic.com data:; frame-src 'self' https://www.youtube.com https://www.google.com;
Cache-Control: max-age=2678400, public
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Size:   361
Md5:    adb1c95d9c9857b74575f655981985b2
Sha1:   4f2cb62f1894351ec99486f1a10c045ac051d35a
Sha256: cc3f2b9bc8d65d112c09421c8c8f196286b70b5de2fa6fc1acd6adc82686c620
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.squarehealth.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.3
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 173424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lBnVyWqVHfpmkBfwVUwdKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.82.221.194
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jMM+WLxt0anQwm2ac9weNGyxTsk=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:50:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:50:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11129
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:50:27 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 23788
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6578
Md5:    8546542f00ea29ef4df6ab8d3c7c2164
Sha1:   5c8ffe91490006a9890188b53f875568c2b6bd8f
Sha256: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 23832
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7557
Md5:    5de5d319f43d9c9c641419d96655541f
Sha1:   cde4c7fa0145d3645af17e34c83c63c08f76a076
Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 36721
etag: "7558222788f06623ddae6e883413e38e1146281e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7897
Md5:    8c3214044657f3b876d1f1848bca5684
Sha1:   7558222788f06623ddae6e883413e38e1146281e
Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 32652
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5169
Md5:    06514ce96ae21cb01f526a5febdcbeb4
Sha1:   ebb97e5b97f394e8c67098f55581d5329ce819a2
Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 57543
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5188
Md5:    fba9a3854df65740512f96efe7442e58
Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a
Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 01:23:35 GMT
age: 44812
etag: "27f558d5cdc150a50f080c054423500666b63d74"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5245
Md5:    43fdc85bfd574fa803f0bcdc216ef622
Sha1:   27f558d5cdc150a50f080c054423500666b63d74
Sha256: fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0