Overview

URLmail-102366.square.site/
IP 199.34.228.40 (United States)
ASN#27647 WEEBLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-01 14:05:19 UTC
StatusLoading report..
IDS alerts0
Blocklist alert11
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
cdn2.editmysite.com (1) 11564 2012-11-02 14:27:29 UTC 2020-04-29 06:59:26 UTC 151.101.1.46
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.89.114.252
ec.editmysite.com (4) 12806 2018-09-03 10:26:45 UTC 2020-04-22 02:18:25 UTC 44.232.247.128
sentry.io (1) 2743 2016-08-31 05:38:44 UTC 2022-12-01 05:00:34 UTC 35.188.42.15
rum.browser-intake-datadoghq.com (2) 11420 No data No data 3.233.155.111
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 04:09:38 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 04:11:13 UTC 34.117.237.239
ocsp.globalsign.com (3) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
cdn3.editmysite.com (37) 32188 No data No data 151.101.193.46
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mail-102366.square.site (10) 0 No data No data 199.34.228.40 Domain (square.site) ranked at: 22579
ocsp.entrust.net (1) 1208 2014-01-10 02:18:45 UTC 2020-04-24 21:44:37 UTC 104.110.10.32

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-01 2 mail-102366.square.site/ BT Group plc
2022-12-01 2 mail-102366.square.site/ BT Group plc
2022-12-01 2 mail-102366.square.site/ BT Group plc
2022-12-01 2 mail-102366.square.site/ BT Group plc
2022-12-01 2 mail-102366.square.site/ BT Group plc

PhishTank
Scan Date Severity Indicator Comment
2022-12-01 2 mail-102366.square.site/ Other

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 mail-102366.square.site/ Phishing
2022-12-01 2 mail-102366.square.site/app/website/cms/api/v1/users/144043552/customers/co (...) Phishing
2022-12-01 2 mail-102366.square.site/square.ico Phishing
2022-12-01 2 mail-102366.square.site/uploads/b/d4de93a52a17c20a281a4bcef038c28af07819b43 (...) Phishing
2022-12-01 2 mail-102366.square.site/app/website/square.ico Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.40
Date UQ / IDS / BL URL IP
2023-02-03 12:54:37 +0000 0 - 0 - 33 att-104443.square.site/ 199.34.228.40
2023-02-01 09:05:21 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-02-01 02:35:22 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-01-31 16:01:30 +0000 0 - 0 - 12 loginscreeninc.square.site/ 199.34.228.40
2023-01-31 15:49:30 +0000 0 - 0 - 20 attnet-101605.square.site/ 199.34.228.40


Last 5 reports on ASN: WEEBLY
Date UQ / IDS / BL URL IP
2023-02-03 14:00:38 +0000 0 - 0 - 18 topattcommunication.weebly.com/ 199.34.228.54
2023-02-03 13:00:56 +0000 0 - 0 - 17 btconnect-10510746btconnect.weebly.com/ 199.34.228.54
2023-02-03 13:00:34 +0000 0 - 0 - 2 att-106827.weeblysite.com/ 199.34.228.96
2023-02-03 12:54:37 +0000 0 - 0 - 33 att-104443.square.site/ 199.34.228.40
2023-02-03 12:10:20 +0000 0 - 0 - 18 repondeurfixe123.weebly.com/ 199.34.228.53


Last 5 reports on domain: square.site
Date UQ / IDS / BL URL IP
2023-02-03 12:54:37 +0000 0 - 0 - 33 att-104443.square.site/ 199.34.228.40
2023-02-02 01:15:55 +0000 0 - 0 - 5 att-101686.square.site/ 199.34.228.39
2023-02-01 11:52:00 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.39
2023-02-01 09:05:21 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40
2023-02-01 02:35:22 +0000 0 - 0 - 14 att-109649-105907.square.site/ 199.34.228.40


No other reports with similar screenshot

JavaScript

Executed Scripts (34)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (80)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2594
Cache-Control: max-age=162559
Date: Thu, 01 Dec 2022 14:05:07 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:14:26 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7445
Expires: Thu, 01 Dec 2022 16:09:12 GMT
Date: Thu, 01 Dec 2022 14:05:07 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 13:19:46 GMT
cache-control: public,max-age=3600
age: 2721
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17183
Expires: Thu, 01 Dec 2022 18:51:30 GMT
Date: Thu, 01 Dec 2022 14:05:07 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: AssD/dcvR/wQbyCL1ZBUiG41H8W59QrHB53p/YDw1k3EuvZysFNTGMMFyoQQsY4IhyRJagyf4yo=
x-amz-request-id: C8H7MEG9TK2PYANV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 13:46:17 GMT
age: 1130
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 14:05:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "74A4C5724F362E68E403FE11052253E9532D31830610112B3344E0FCF3A96C6D"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3547
Expires: Thu, 01 Dec 2022 15:04:15 GMT
Date: Thu, 01 Dec 2022 14:05:08 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1588
Md5:    dc1cb5d863c22656ea232d80b0be112c
Sha1:   e0a49d50b81b8a3d8b8dcfe1f3880a615c9644a5
Sha256: 74a4c5724f362e68e403fe11052253e9532d31830610112b3344e0fcf3a96c6d
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:11:15 GMT
cache-control: public,max-age=3600
age: 3233
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 01 Dec 2022 14:05:08 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; expires=Thu, 15-Dec-2022 14:05:08 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0%3D; expires=Thu, 15-Dec-2022 14:05:08 GMT; Max-Age=1209600; path=/ PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; expires=Thu, 15-Dec-2022 14:05:08 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu84.sf2p.intern.weebly.net
X-Revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
X-Request-ID: 8623c53643b935d228bac2f80283128c
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19650)
Size:   9005
Md5:    21ae374c6311d031bfdd23fee42198cb
Sha1:   2393946ca397db6a8c1967a447635bf863613a4a
Sha256: f712acc28abb71f6aa7c4501e8f73c54e1cc17adfc99a131c1426de34703cba6

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - phishtank: Other
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=157487
Date: Thu, 01 Dec 2022 14:05:08 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:49:55 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:05:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EE978EBA9108D163B111EB7645AA895408E33DDF"
Expires: Fri, 02 Dec 2022 01:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2592
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c6040fb82b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    806660ae117dd2ec424d4c5805ef143c
Sha1:   5c930f9613a4c014d49739c62be7888a2b7aadba
Sha256: 58ca27c7e7adb098ae5b61225d126678c24db75ec5766a63f5a4cca2f6529795
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.1.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Wed, 23 Nov 2022 18:03:15 GMT
etag: "637e6063-124fe"
expires: Thu, 08 Dec 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
age: 624387
x-served-by: cache-sjc10061-SJC, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 6942
x-timer: S1669903509.638922,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 1428248
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903509.643508,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11882), with no line terminators
Size:   4998
Md5:    20a4e66f534b80396d40bbc4291b2172
Sha1:   d7c962996f2715d94483be2bf9b644c7185d7ec7
Sha256: 0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
                                        
                                            GET /app/checkout/assets/checkout/css/wcko.e109c60fad1548bf0512.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 18:46:00 GMT
x-rgw-object-type: Normal
etag: W/"a01b81c528efe77869fe834f89101c4b"
x-amz-request-id: tx00000000000003d163238-006387a768-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 68860
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903509.644591,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Size:   23000
Md5:    3041f445073c4b70b39d57313e42b8ae
Sha1:   d6b9205c7f407c08a3ebafd03ad6ac3e244c62fe
Sha256: dd6007839ebfa91501671af44e481678a1f26daecd85ee44ecfd4f54093f67e3
                                        
                                            GET /app/website/js/vue-modules.9bc3531c7b14b533b653.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 24 Oct 2022 20:40:22 GMT
x-rgw-object-type: Normal
etag: W/"be42f69ec175a01b6e195526f58dae71"
x-amz-request-id: tx00000000000002109ab7c-006356f891-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.9bc3531c7b14b533b653.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d15aad34e0d20a973977ec67b3bf5090814a6cf
x-request-id: f2d07942d6e3e48efaf38632576a5abf
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 2460379
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 10
x-timer: S1669903509.645278,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 72192
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (27432)
Size:   72192
Md5:    f4b29141d74cfc31ae87b2379bf827c6
Sha1:   d3cecf2609cbc423e0a59e9cad96c96595fc550c
Sha256: 77ba93a6fbe46719dede0298898f4d896c073a42d0c093179615edf38f1fd0e5
                                        
                                            GET /app/website/js/runtime.f0a9dbde4c118f994851.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 22:08:09 GMT
x-rgw-object-type: Normal
etag: W/"24b4f4475dd5798f3fba003ac2a80327"
x-amz-request-id: tx00000000000003d0deaf5-006387d52a-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.f0a9dbde4c118f994851.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: 3dae7342c54b5d8ee1fddb18a3e34352
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 56975
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903509.646434,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24982
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51152)
Size:   24982
Md5:    60017a3c245cabedfa052a0c75f3c098
Sha1:   c8ce6535b605218f8c4f6554832de957a54f8194
Sha256: e3057d0f7d970e516152ed1186ed7b2d29bb807bc21299454951a78867db5e57
                                        
                                            GET /app/website/js/languages/en.4adbd9207512e3f658f1.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 00:27:54 GMT
x-rgw-object-type: Normal
etag: W/"1ae2d3558226b425a2ceb38130ffb652"
x-amz-request-id: tx00000000000003c87b576-006386a3f1-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.4adbd9207512e3f658f1.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
x-request-id: c2d6aa29110d021398c61b2cab82daf4
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 135211
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903509.646591,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 152604
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   152604
Md5:    77a940d5a120c92d733a896c124f1e79
Sha1:   2557f75f95b299efd572e08de1dcc3e21541791d
Sha256: 5c7d2f62be5d845cce30eca0f91b2e3d6cf217936d0017b484b8cbd5f17a33bc
                                        
                                            GET /app/website/js/site.e4a639b4e6cbc5fa0b62.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 00:27:54 GMT
x-rgw-object-type: Normal
etag: W/"92b7a95dd1db394fb0cfc49f415aec73"
x-amz-request-id: tx00000000000003c5d74e3-006386a3f6-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.e4a639b4e6cbc5fa0b62.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
x-request-id: 3f7e053b5acbb3a42139528cfbc8a669
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 135212
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903509.648121,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 665920
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50409)
Size:   665920
Md5:    23cd053bc319af19b42bf6fbb2759f3c
Sha1:   2f2cdcdc141a3201c7f692d6ee018832f6f4afbb
Sha256: 929fb0f308a3da317c6eaeab4170386b56cf627ce0946675742cf8e6d898c22f
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:05:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EE978EBA9108D163B111EB7645AA895408E33DDF"
Expires: Fri, 02 Dec 2022 01:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2592
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c60414be5b51e-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    806660ae117dd2ec424d4c5805ef143c
Sha1:   5c930f9613a4c014d49739c62be7888a2b7aadba
Sha256: 58ca27c7e7adb098ae5b61225d126678c24db75ec5766a63f5a4cca2f6529795
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 14:05:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EE978EBA9108D163B111EB7645AA895408E33DDF"
Expires: Fri, 02 Dec 2022 01:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2592
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c6041ac4bb51e-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    806660ae117dd2ec424d4c5805ef143c
Sha1:   5c930f9613a4c014d49739c62be7888a2b7aadba
Sha256: 58ca27c7e7adb098ae5b61225d126678c24db75ec5766a63f5a4cca2f6529795
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wew31coIqDbjAr/d9yfwnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.89.114.252
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fsxe+ZGcXI2bCYRJ6Hylr+9D/qs=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100612
Date: Thu, 01 Dec 2022 14:05:09 GMT
Etag: "63879623-1d7"
Expires: Fri, 02 Dec 2022 18:02:01 GMT
Last-Modified: Wed, 30 Nov 2022 17:42:59 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mh0z3tpK-DP24vH0yEZaK_1RugGdTJ0QltkGtUe_oHTr6OlxJrXbmA==
Age: 1142

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101494
Date: Thu, 01 Dec 2022 14:05:09 GMT
Etag: "63879623-1d7"
Expires: Fri, 02 Dec 2022 18:16:43 GMT
Last-Modified: Wed, 30 Nov 2022 17:42:59 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uhs20qm2fTnPDh_R9y7SQiUOSiDCjyjhCghbiSrUQ5gsqiFrEwG8Qw==
Age: 2024

                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mail-102366.square.site/
Origin: https://mail-102366.square.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         44.232.247.128
HTTP/2 200 OK
                                        
date: Thu, 01 Dec 2022 14:05:09 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://mail-102366.square.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1989
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         44.232.247.128
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:05:09 GMT
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Fri, 01 Dec 2023 14:05:09 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://mail-102366.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0=
Content-Length: 78
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0%3D; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903507.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:05:09 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn84.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Size:   894
Md5:    ecac4f30bee8180dcfdf7a45566baa9e
Sha1:   ab9320699e69c2e7e86d244d9f8da66a0dce0597
Sha256: fb88375c828f8acd06b6e56c4e5752fb239d1a8d4aae16c0ec90a869844abbf7
                                        
                                            POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1 
Host: sentry.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-102366.square.site/
Content-Type: text/plain;charset=UTF-8
Origin: https://mail-102366.square.site
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.188.42.15
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:05:09 GMT
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://mail-102366.square.site
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2482
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:05:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2482
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:05:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2482
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:05:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2482
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 14:05:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 58776
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16038
Md5:    ffd12f9c423ffc627d9e3b3145944fe4
Sha1:   5cf9a7a784952e1bb0cbe499104f1774b1269d08
Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 5606
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8740
Md5:    26d6dffbf400da4803a2e76e2a8ef2f8
Sha1:   2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 58549
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12898
Md5:    820cf89fcab8380adff42982c9fb11ed
Sha1:   84241ddddbbfd7de30118307fb1a62800d0a4cb3
Sha256: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
                                        
                                            GET /app/website/css/site.273c42e34939130f9c67.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:48 GMT
x-rgw-object-type: Normal
etag: W/"9d081df7a69ba3304484f0f0d8c91ec2"
x-amz-request-id: tx00000000000003c430e19-0063867c4b-c6aed46-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: 740a7cabb050e44bf81efc63d8fa073e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:08 GMT
via: 1.1 varnish
age: 145450
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903509.657114,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24060
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /app/website/cms/api/v1/users/144043552/customers/coordinates HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0=
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0%3D; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903507.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Thu, 01 Dec 2022 14:05:09 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9; expires=Thu, 15-Dec-2022 14:05:09 GMT; Max-Age=1209600; path=/ XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; expires=Thu, 15-Dec-2022 14:05:09 GMT; Max-Age=1209600; path=/
X-Host: blu48.sf2p.intern.weebly.net
X-Revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
X-Request-ID: 1b3dfcbe067d2ca576d48f047ac640fb
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   70
Md5:    9752b06c768724a72741cf9388713596
Sha1:   3c05993fc47e53d1edaa9c03779565a7753f3a61
Sha256: 1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 11805
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9459
Md5:    e1e6b6ba4f82221b41c3d9129008c76d
Sha1:   2f9532d698b4c28df23e18bbb66399ec776d5b9f
Sha256: 218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 2133
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0=
Content-Length: 83
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlZOeThrTVZQM3JqNTJRTCthZXg0Umc9PSIsInZhbHVlIjoiZHZvaTgxNTk3XC9leWh1NUpYRGxZd2dKM2JWUnltZlluazljMmNGM2gxcTJHbVdzSGVrbWJwcnRCeTQzZWtcL2xRcHZyaytTUGRzM1hnSUVZZmtSWmtiNGFwVmxtXC9BTWE4MHh1UVdtZ0pkOUJNMUZkUEJqc25ZM2FTMWFzbFRZemgiLCJtYWMiOiIxYjE0MTU0MjMxYmU5ZGEzYjYwMjEzMDBmOTQ2Y2Q5MGQ5NGJmMGViNzliZDlhNGZhNWNmZDkxZGIxZDk5NmU4In0%3D; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903507.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:05:10 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu106.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   201
Md5:    bbf985fd86ef8add09a38860a98def2f
Sha1:   2804fa968da1e1b8be4b6f150438e45f4150d3c0
Sha256: 236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
                                        
                                            GET /uploads/b/9c2a49a0-7123-11ed-87c9-7d0bb1c1c234/icon_180x180_ios_MzEyND.png?width=180 HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903507.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945; websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:05:10 GMT
Content-Length: 518
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "/NRW/OJl8W2TgSieGM/WL+ZBNH/CZCPUH5ES/nMseMU"
Fastly-Io-Info: ifsz=997 idim=180x180 ifmt=png ofsz=518 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000003e657cb2-006388569c-c699baa-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z872d
X-Storage-Object: 872dbba98df3e1b1ab11d131ccf681b29b602f7642c9c0505ae16fba60adae49
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 2839
X-Served-By: cache-sjc10055-SJC, cache-pao17466-PAO
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1669903510.272952,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu43.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   518
Md5:    68d1bbd6c1e07050909888d10b943914
Sha1:   376e6086d9af1591c874619ee3cd8a9358633560
Sha256: 58105916e24b4469a58a58c174aba7f2d6072c4b408f5f3cb648417fd8341357
                                        
                                            GET /square.ico HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903507.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945; websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:05:10 GMT
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001aa728b-00628473fa-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn150.sf2p.intern.weebly.net
X-Revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
X-Request-ID: 3a360ae5bf740bbb3b0ac54d0571de41


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   6518
Md5:    d810985ef4dc1c0bd5811e36d13c8ca3
Sha1:   2b45bb77c68c937af6a2d9854dc82301526473aa
Sha256: 770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /app/website/static/fonts/Square%20Market/Square%20Market.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 17 Sep 2019 17:09:50 GMT
x-rgw-object-type: Normal
etag: W/"a7ddbe9e253a4f3a9c6de33cf4f3ce60"
x-amz-request-id: tx00000000000000b7d07bc-00626682c3-4d6022f-las
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: dac0242964acdc08ef6cc16c666026a58a1e15a5
x-request-id: 118bb1c1a071abd6cc161598c41b7f5d
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 34094
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1669903510.375312,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 393
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   393
Md5:    f0935782737336d7aedae7e9534d27be
Sha1:   34b49a0ffcd13e03ca2d1303d5a71773e2282362
Sha256: 728ed2ef57525be9b9a8541ffe47f7600ba08e3ce0646afce5b49736692f7745
                                        
                                            GET /app/website/js/26162.90f68a9abd992e8b4683.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:49 GMT
x-rgw-object-type: Normal
etag: W/"67004d3a05a3a2977cfdde3df90a74d4"
x-amz-request-id: tx00000000000003c6d148d-0063867c4f-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/26162.90f68a9abd992e8b4683.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: fe8aa3e98445492152822a5bfc39c407
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.420436,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6274
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11931)
Size:   6274
Md5:    b6fa2e6e7f0257eab91c7beea0130f0f
Sha1:   3d1d3dbf19fe1f51c0fee1169eb1464b2a246cec
Sha256: f0ef82909b1a054d0c303359b0f48f0a69562b841a34f52fb2a588ff672e432b
                                        
                                            GET /app/website/js/40846.a57e3a8ee8e6235cd269.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 24 Oct 2022 20:40:17 GMT
x-rgw-object-type: Normal
etag: W/"630e018251d928d196cae2e328d36580"
x-amz-request-id: tx000000000000020d04606-006356f890-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/40846.a57e3a8ee8e6235cd269.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: e398ee3234afd0beaa5bbf3a1cedd7bc
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 48972
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1669903510.420613,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3900
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10135)
Size:   3900
Md5:    4d5cf35f7af8bfb5855046d65613fdee
Sha1:   417edcc5f6806145e469e623640b80d78e4808e6
Sha256: 8ae35387968d088b0cc9c2c264f236a366b0d7cbf6134450acf18286048a4a4d
                                        
                                            GET /app/website/js/63481.9f2a08c61dcc257bd389.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 09 Nov 2022 19:52:55 GMT
x-rgw-object-type: Normal
etag: W/"b773ff7aca17244eeda3a411d655f7bd"
x-amz-request-id: tx00000000000002dd11338-00636c0570-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/63481.9f2a08c61dcc257bd389.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 1d85258c5aa1728bc8de03dfdc70889024ddd45f
x-request-id: ad585728d2ef8c4bbbefc1b5932698d4
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 1329634
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1669903510.421988,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6555
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5948)
Size:   6555
Md5:    4b70b28df1cdfd54a94dd5e2815edf48
Sha1:   c5d8877126944e73243ada9d3e487b5481d3d4ef
Sha256: b24d8b86be7a5624be1915e7401f32ca550a6c0bdaf9db4e68be2afe9cf5a76c
                                        
                                            GET /app/website/css/navigation-mobile.5139ec64376ef8e555e7.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:48 GMT
x-rgw-object-type: Normal
etag: W/"b0f93023652e9793b493efac86f823a6"
x-amz-request-id: tx00000000000003d512436-0063867c52-c699baa-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: cf40906dfdad1448e32c6016b4b9308b
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.423730,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5435
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (20743), with no line terminators
Size:   5435
Md5:    9aea8744f605c8fce63afe6b6783318d
Sha1:   d921c30ce0d907f4b7a4347705ed82c33dd1cdff
Sha256: 218440833526f0d854c1c56c8b14a61ff55095334a0abb3f729a197cb8a3cda8
                                        
                                            GET /app/website/js/navigation-mobile.3893084659d8a815334b.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:51 GMT
x-rgw-object-type: Normal
etag: W/"9a86b2edf926d1befe04e4366231aa5d"
x-amz-request-id: tx00000000000003d481e15-0063867c4d-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/navigation-mobile.3893084659d8a815334b.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: d3bfc3a9eea8d709f5cc8d078458489ccb39c0a3
x-request-id: 40fd9f8d6d967ddae4dac16a26f08e78
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.424693,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11817
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15388)
Size:   11817
Md5:    0d15ee637abef53d58a6baa383ce957d
Sha1:   bf820bd86e07e6e1722aa8d662d09e14d27c02de
Sha256: 1ab727d1fec6d1fbad4f0095b64eb04de0e476cc240222a281ada2cffd693ac1
                                        
                                            GET /app/website/js/89814.ff25f67b0138fde97cc6.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:50 GMT
x-rgw-object-type: Normal
etag: W/"5fbff16a152d8c9d199d8b176a9291cc"
x-amz-request-id: tx00000000000003c4310fa-0063867c4e-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/89814.ff25f67b0138fde97cc6.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: 2701c3c00a4163368cd571108aa03d49
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 43607
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.427718,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4347
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14076)
Size:   4347
Md5:    574967a8bc3f84b2527a0a07bb97978a
Sha1:   d87bb8e963065e0f789fe01b8426397118a3d66e
Sha256: 585dfe9d74213b00cf532ab9d457e3f5afcc0c3df23a14788a848ec195cb97e7
                                        
                                            GET /app/website/css/4075.ef07cdfea37a7c5694b0.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:46 GMT
x-rgw-object-type: Normal
etag: W/"4cedb9274adcc9fdb3e7169cf1187e66"
x-amz-request-id: tx00000000000003c431060-0063867c4d-c6aed46-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: 5082e0462af3ca2126639bed157bce6b
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 37193
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1669903510.428930,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4970
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19962), with no line terminators
Size:   4970
Md5:    76e7af69880d9f18a24b30db1f68e39b
Sha1:   56e9b4a8836aa3124b31a73ebfecc1397e0455da
Sha256: 1def53e7519ed8fd0a4485634121fa645bbfed351e0561ce21b7b829302f4952
                                        
                                            GET /app/website/js/68058.667179a6426733f44ef7.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:49 GMT
x-rgw-object-type: Normal
etag: W/"cdb26c637153ee5f034bb3b3ea992ab8"
x-amz-request-id: tx00000000000003d8e84f7-0063867c58-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/68058.667179a6426733f44ef7.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: f99a376c152d77677a65cec2b31c6d12
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.430036,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4573
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12452)
Size:   4573
Md5:    66a99c147af4d5586e1a71452d0dc536
Sha1:   b4a474ad2dda462f9d8d55f3b7fd468eac30685e
Sha256: 8982688a48ecd55e031943ea8a4c91f1a71bdd1336a5f856c01d3c6acd20164f
                                        
                                            GET /app/website/js/40691.25f23dc77cbbcc17e2f9.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:49 GMT
x-rgw-object-type: Normal
etag: W/"dbc629f4a0553832450f4dfe2f26fd48"
x-amz-request-id: tx00000000000003c6d15f7-0063867c50-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/40691.25f23dc77cbbcc17e2f9.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: d3bfc3a9eea8d709f5cc8d078458489ccb39c0a3
x-request-id: 40b310ba09d076778e58ab31ce0ccffe
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.430906,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12380
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27698)
Size:   12380
Md5:    dd5fb6540d119ccb00e706170f37aa90
Sha1:   40bb4d3f762d2316af20363c8e494754c1675fc8
Sha256: 7a807115f81fbb947675f8de3fa626848212573a2013a741300c976e2d6e59b6
                                        
                                            GET /app/website/js/51710.aa1ab5e887c56ecc8cd6.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Thu, 27 Oct 2022 18:30:35 GMT
x-rgw-object-type: Normal
etag: W/"c990a626dbce9180c84bbc38211edfb4"
x-amz-request-id: tx0000000000000231e0a6c-00635aceb5-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/51710.aa1ab5e887c56ecc8cd6.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 0d7c90f30a41bca94e63fc158c5c3545c658bddc
x-request-id: 78f691eab3cd0501a1d9e856f7e9fe22
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 2556695
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1669903510.431745,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5069
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7190)
Size:   5069
Md5:    7f03d73c021430a5d43ae95d8e30503d
Sha1:   db4a01cadb497865b3bfa13effdb2fcf76f06ae4
Sha256: 9bffb3bef9dc704b93cbf7d7c5af3ac410e15ca5fb80b3b2fd4dabd5698c32e6
                                        
                                            GET /app/website/css/cart-1.37240d5f57b98cf5ad1b.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:47 GMT
x-rgw-object-type: Normal
etag: W/"20fa7e55fc4ce300820624cbb03ce0a0"
x-amz-request-id: tx00000000000003d51262d-0063867c54-c699baa-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: 287a2ff69820d43e7fae8395b7bcbb7e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 48972
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.436305,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7181
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (26605), with no line terminators
Size:   7181
Md5:    333a17ad8d794f977e855e278b9d8f2c
Sha1:   5dec1dde34716b94321175bffe646fd40de44a0a
Sha256: 81a27021c2d643ab024dbeb486d2db496b5229c792a03af897188d51cc20f799
                                        
                                            GET /app/website/js/cart-1.947366d591b201d731ec.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 00:27:54 GMT
x-rgw-object-type: Normal
etag: W/"cf5ba7892abe6b3e5426be9ba396d514"
x-amz-request-id: tx00000000000003d6b855e-006386a3f1-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/cart-1.947366d591b201d731ec.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
x-request-id: 0e73fa36281c7bcfaa72af7747836a0e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 135203
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1669903510.436281,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37427
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21203)
Size:   37427
Md5:    7c3e32cc491e88a459ab6c1db9d1f832
Sha1:   7a8c211c95c4372b615ba758bb9e98097b04ae82
Sha256: a24428bf21285631d9d7bb68e8412f9a71f3167769bef1f19590f800ae5b294a
                                        
                                            GET /app/website/js/87175.508dd11fafb4ac1ec873.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:50 GMT
x-rgw-object-type: Normal
etag: W/"26e6f99096521969f556adfd1f695600"
x-amz-request-id: tx00000000000003d4820c5-0063867c51-c669cc6-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/87175.508dd11fafb4ac1ec873.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: 2043c8dcff1d9e7467ef1a7079572530
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.447496,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5878
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8586)
Size:   5878
Md5:    55be9acc30c7b0edd8e70c26322decc7
Sha1:   5d3b300576df89a4c97334c2d27d4e5e5cba3192
Sha256: a0315ca081db624ebbe32935c65eed2a9b66787e546b94de09a704b2a4b574c0
                                        
                                            GET /app/website/js/2348.c110a114ffc146d7b153.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:49 GMT
x-rgw-object-type: Normal
etag: W/"a992d85a1c455595b692cbf0677af527"
x-amz-request-id: tx00000000000003d338249-0063867c5c-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/2348.c110a114ffc146d7b153.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: f1a78461d93dc68f678b6eb9a4e645f5
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903510.450102,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9678
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23747)
Size:   9678
Md5:    6462a7b740986a49b85b4313d00c2a1e
Sha1:   9c16624c66fed954ae7aa6a4ddf2bf286a6efa54
Sha256: 010f6d661c715cf199759c38ed581533599601ae56ad0a82054a0846f24170df
                                        
                                            GET /app/website/css/header-3.c975f74e599a9d33012b.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:47 GMT
x-rgw-object-type: Normal
etag: W/"7086b8024625dd95fddfa7e27b288488"
x-amz-request-id: tx00000000000003c6d16dc-0063867c52-c67eadd-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
x-request-id: 284c0892a00ce5ea322f81ac665adced
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 43383
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903510.484725,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6307
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24062), with no line terminators
Size:   6307
Md5:    7c3567730be04a82e1c2b2e9634e131f
Sha1:   afe062f729c58f7329930d087b145d5a99304c77
Sha256: 61bae0f610327957cb1bef51a4df8a88a3ae94ad3f9eab562e6005c75d0cb557
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2429
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         44.232.247.128
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:05:10 GMT
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Fri, 01 Dec 2023 14:05:10 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://mail-102366.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /app/website/js/header-3.789e327aca09505bbfaa.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 30 Nov 2022 00:27:54 GMT
x-rgw-object-type: Normal
etag: W/"8036c809c205e4058fbb7cb7a1182259"
x-amz-request-id: tx00000000000003c87ba5d-006386a3f9-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/header-3.789e327aca09505bbfaa.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: c44581c509cfdc3a59d66173b99fdedf4b73a44c
x-request-id: 73e8e65a8dcf66d0e32d5617130adb51
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 135045
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903511.512764,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30734
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15142)
Size:   30734
Md5:    98e559e74778d08fc19da5de5281767c
Sha1:   462cb7ac3b26683fee35443a86bb4b5e55573968
Sha256: 4fb6b741977189f82051e29efd6039719eff75332919005f2466c740881f200c
                                        
                                            GET /app/website/js/15259.402801be5fca5ae67012.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:49 GMT
x-rgw-object-type: Normal
etag: W/"8e8012f51a76c3a9875803c77a5ad66f"
x-amz-request-id: tx00000000000003d8e7ef4-0063867c50-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/15259.402801be5fca5ae67012.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: f1df0b8e9a00630009bb528155bb9533
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1669903511.523946,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1811
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4114)
Size:   1811
Md5:    62dd5821ecf55f387f235b5a781383d1
Sha1:   376eb42416e9611992843a56e045b243e3f4b0e5
Sha256: ddb88d175fd2a97358a46dea9ac2647ca9711c40a022b0c371b3f612c61c103c
                                        
                                            GET /app/website/css/58097.b2894027f49aeadfd36d.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:46 GMT
x-rgw-object-type: Normal
etag: W/"0417d4db5a00aac0bb3b84b852832084"
x-amz-request-id: tx00000000000003d8e7ecb-0063867c50-c695612-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: d3bfc3a9eea8d709f5cc8d078458489ccb39c0a3
x-request-id: 9010fb3a10a8acad1daa845dd58bfa94
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 6
x-timer: S1669903511.524840,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4336
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19023), with no line terminators
Size:   4336
Md5:    aa2d74fabc010dc94415ad5b706339e6
Sha1:   5e3c2c0938875b63d8a4de3d1269afdc0963877f
Sha256: 49d20c9435754c0d014819f3fe47feb406b47226c1acf4ae43876ba188bdc628
                                        
                                            GET /app/website/js/58097.84fa5116d1825292a5d2.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:49 GMT
x-rgw-object-type: Normal
etag: W/"f3011fd948974c3dd2590ab80f8ca151"
x-amz-request-id: tx00000000000003d8e80a7-0063867c52-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/58097.84fa5116d1825292a5d2.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: 22adca1f2d0652616080421ad42a0ee5
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145447
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903511.530599,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10831
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19882)
Size:   10831
Md5:    40cdf1d40d3feb4e0ef8fe7dd27cdea0
Sha1:   cc69dde5b17c81d144ce7d29e6955c16a70adf76
Sha256: 7f1232bcb502cb32e3117fc80339fa88f4441ca0edd751b08a7840a64f37a844
                                        
                                            GET /app/website/js/86433.b17b97f6b33453fa2bf2.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 09 Nov 2022 21:23:12 GMT
x-rgw-object-type: Normal
etag: W/"a7a3e67f72192489d3821b78f0356a48"
x-amz-request-id: tx00000000000002ce4daf9-00636c1aa4-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/86433.b17b97f6b33453fa2bf2.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 09db0b9815d1fe8dac449ecc2a7da2c932739637
x-request-id: f14f95d79d64f3abe8f63e6592127b75
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 1874408
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1669903511.531272,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12416
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14371)
Size:   12416
Md5:    6b9c177e503fca8fe708c2e29831d1ac
Sha1:   efb3b77ce4d300e0b1d926c091b595c5c6b98da7
Sha256: e060b44158b1da81cf3d6f22a9d9838827cea02bc9785c6ce2dd96fb2cd01f90
                                        
                                            GET /app/website/js/65125.8a5e3ab270e0ed869187.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 09 Nov 2022 19:52:55 GMT
x-rgw-object-type: Normal
etag: W/"a26f548e123aa35a8f80109396fe1d88"
x-amz-request-id: tx00000000000003c433071-0063867c74-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/65125.8a5e3ab270e0ed869187.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: d3bfc3a9eea8d709f5cc8d078458489ccb39c0a3
x-request-id: 8bda8240de6bb04e7185ec63eb53a430
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145328
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903511.532266,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5993
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6042)
Size:   5993
Md5:    8aa797358c17e8a88789b8b6c54aa8f7
Sha1:   385283fc2c904334f42232eedae89c1b7ef5fc1e
Sha256: 0dec8a1a6dfb6399031e8dce920f1ad4ba32a25ba2eecde58e4ad041df170133
                                        
                                            GET /app/website/css/contact-us-1.04308c6d0274c8eec2ea.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:47 GMT
x-rgw-object-type: Normal
etag: W/"62e4dbf984ffe50c03b74ba172868909"
x-amz-request-id: tx00000000000003d8e8452-0063867c57-c695612-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: d3bfc3a9eea8d709f5cc8d078458489ccb39c0a3
x-request-id: 8bd28e297008a0b4912da7173de89718
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145329
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903511.533938,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1735
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5436), with no line terminators
Size:   1735
Md5:    8081362dce04e69b40e6e64fb13f0a69
Sha1:   a02e9fc5eb5e1d1a2f9c780551dca0d6fcc649fb
Sha256: fd0fb81807bc78a0af4751472332787e11cd37df27dfdd9f1da26858833e6063
                                        
                                            GET /app/website/js/84617.57a4a22d50d97ef68388.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Wed, 09 Nov 2022 19:52:56 GMT
x-rgw-object-type: Normal
etag: W/"7b5b131b4e69152821ff5a4fe2022617"
x-amz-request-id: tx00000000000003c43148d-0063867c53-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/84617.57a4a22d50d97ef68388.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: 71e727baccbe8c15f2b2e7bd0beec0a1
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145448
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903511.548651,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3672
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6759)
Size:   3672
Md5:    6b5da97afeba2c0ab16c7e39543950fd
Sha1:   53f7c2e7fc445215156c64ed412140082d6a0eff
Sha256: 1a36470dadf694029f0bbb1f8d84944bca202c20efab2cfa3a78889a3bc0dc8b
                                        
                                            GET /app/website/js/9918.0e76939342cd73ff8659.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Thu, 17 Nov 2022 16:52:48 GMT
x-rgw-object-type: Normal
etag: W/"8f8c383cf0d0c9f4039f4e1ecc06c8ab"
x-amz-request-id: tx000000000000034627a04-0063766751-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/9918.0e76939342cd73ff8659.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: b71ae12a0ae22ce8f9c838c55a8daf2fe3e2d773
x-request-id: a8706da67a3878ee550992336c221c31
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 1199372
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1669903511.548813,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11621
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11873)
Size:   11621
Md5:    36b8c7f251ffc86c98201607cf6d5177
Sha1:   fc9b5b2d1c229c26f041d0ec036fcf12c7854819
Sha256: 2a67b5c2a11b6a62e47cc5ec51d4f6dc5f972c78487973fd86ac7521dabb167b
                                        
                                            GET /app/website/js/contact-us-1.d29a1c0719d9da0dc41f.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 24 Oct 2022 20:40:18 GMT
x-rgw-object-type: Normal
etag: W/"9ce8c2632e7b61c895e304a0bbbb31d0"
x-amz-request-id: tx000000000000020dd10ff-006356f8ae-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/contact-us-1.d29a1c0719d9da0dc41f.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: b71ae12a0ae22ce8f9c838c55a8daf2fe3e2d773
x-request-id: 3c5ae2024712fa737b9e7eae5191c10c
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 1259312
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669903511.548467,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 791
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1638)
Size:   791
Md5:    2d80e865f1df71512989f924d9ab5d3d
Sha1:   9e22b7838107f1acef9a37f275a6b06d3095e74e
Sha256: 9be7dd653b0a42289e2c949d4bb0a1011d78f8b777af26538343baa9d204ccd1
                                        
                                            GET /app/website/css/footer-7.512f37d49618d4a21b87.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Tue, 29 Nov 2022 21:38:47 GMT
x-rgw-object-type: Normal
etag: W/"ec71e757a21ed005dfada016b6fa2f2c"
x-amz-request-id: tx00000000000003d5121ed-0063867c4f-c699baa-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: d3bfc3a9eea8d709f5cc8d078458489ccb39c0a3
x-request-id: f9f6d6664ec9936bcd9c397b0bcf9fad
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 145329
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903511.550594,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3576
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12648), with no line terminators
Size:   3576
Md5:    1248f34a96f5f4b21da883a21e791b3d
Sha1:   b3291fad39ef94590311714651cd1d31a8b8a937
Sha256: da952be2c00b2e9818666da5b3d089edf97400eab0e07b3de8c8880db433171a
                                        
                                            GET /app/website/js/footer-7.37a241c2947cefd03bfc.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Mon, 24 Oct 2022 20:40:19 GMT
x-rgw-object-type: Normal
etag: W/"ad9430fe5f7a13045db57a3384fef3ad"
x-amz-request-id: tx00000000000002109af8e-006356f895-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/footer-7.37a241c2947cefd03bfc.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: a8d88e993a93bd9817ee7244258c4bc5ea4f8cc7
x-request-id: 2483587321d6c3c3b05fb518119244d7
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 1345809
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903511.550850,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1292
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4862)
Size:   1292
Md5:    b16de8bcc4be647d8028328eea812192
Sha1:   471722048d6dbac50b8873f78380775719d7097a
Sha256: f13bf8606f8bd4d12a8115b70de70ea75edbd401bd25db7560542cf88668e8b5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1144
Cache-Control: max-age=150642
Date: Thu, 01 Dec 2022 14:05:10 GMT
Etag: "63885990-1d7"
Expires: Sat, 03 Dec 2022 07:55:52 GMT
Last-Modified: Thu, 01 Dec 2022 07:36:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /app/website/css/free-footer.86d148e5cb2be7f08d49.css HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: nginx
last-modified: Thu, 14 Jul 2022 19:54:09 GMT
x-rgw-object-type: Normal
etag: W/"607e0fd2b514ffdc06c62b1eb1bc428b"
x-amz-request-id: tx00000000000003106c3ab-006372be75-c6aed46-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: dc3e8c554bdd1a0853a3631849a999d1346b5f4d
x-request-id: 72cbe81acfb270119614b8c0a550566a
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 1421122
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1669903511.724301,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 351
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (626), with no line terminators
Size:   351
Md5:    ee20922f55875dd45d7acae546cadedc
Sha1:   491672dcd84153d29c9e2346e0f78d1fef5e729d
Sha256: 6594eb11c5c147a510920933dbd3177b6678ce61f0bdc38a6377761534792336
                                        
                                            GET /app/website/js/free-footer.15aead6eeba7d5c05788.js HTTP/1.1 
Host: cdn3.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.193.46
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
last-modified: Thu, 17 Nov 2022 16:52:48 GMT
x-rgw-object-type: Normal
etag: W/"4bf2d5346ca6cfcf2337aeea4e0f43ff"
x-amz-request-id: tx00000000000003c518db2-0063865978-c67eadd-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/free-footer.15aead6eeba7d5c05788.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 4d369cb9c41c252f23e2aa636267be82d5b77eb6
x-request-id: 10448b87d6d257df19c44bc14b21a181
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Thu, 01 Dec 2022 14:05:10 GMT
via: 1.1 varnish
age: 153781
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669903511.725557,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3226
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7460)
Size:   3226
Md5:    76d8ec5e01e8b74adae27eaaf5cde45d
Sha1:   23af3dbc6657ff5fb675609bfe6a39386fa72b1e
Sha256: 6daa6563cd9c314a08051e8cb9dbc226ca59bd3a44df3bba650f474783cf8804
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1887
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         44.232.247.128
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Thu, 01 Dec 2022 14:05:10 GMT
content-length: 2
server: nginx
set-cookie: sp=f0bca798-7201-43a3-93d7-b31b13a96a7c; Expires=Fri, 01 Dec 2023 14:05:10 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://mail-102366.square.site
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-816ece5&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=1510b2c2-fcb5-441e-b226-1fbfe8ccc8f6&batch_time=1669903509260 HTTP/1.1 
Host: rum.browser-intake-datadoghq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16165
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         3.233.155.111
HTTP/2 202 Accepted
content-type: application/json
                                        
date: Thu, 01 Dec 2022 14:05:10 GMT
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   53
Md5:    9d21f15887fd164200413b27207ce2d7
Sha1:   b6660def00d279123d56a4434d7201082e7953c3
Sha256: f3774ec730ea76451d4740c327e331ea25f26169cf6ff6180975090f6e88b1df
                                        
                                            POST /api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.21.2%2Cenv%3Aproduction%2Cservice%3Asquare-online-buyer-journey%2Cversion%3Aprime-816ece5&dd-api-key=pubc0f9d721a4f01e74b0453dd99e44a542&dd-evp-origin-version=4.21.2&dd-evp-origin=browser&dd-request-id=08f05b3e-f80c-4f40-845d-5575512a8d56&batch_time=1669903508974 HTTP/1.1 
Host: rum.browser-intake-datadoghq.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 16108
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.233.155.111
HTTP/2 202 Accepted
content-type: application/json
                                        
date: Thu, 01 Dec 2022 14:05:11 GMT
content-length: 53
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=15724800;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   53
Md5:    e0fef937139b6f714deef24b5dad309b
Sha1:   65a0cbc27ed8b31e2fe01aedc8940ac7223a66e1
Sha256: 0d5050b9e1c635adfc56772d9a2423f34955a3b88de89391f6668a956b719368
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9
Content-Length: 89
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903509.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945; websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:05:10 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu82.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   182
Md5:    6f6b6b81dd3714cd388808342e960a10
Sha1:   f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
Sha256: 2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9
Content-Length: 77
Origin: https://mail-102366.square.site
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903509.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945; websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Thu, 01 Dec 2022 14:05:10 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu77.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   79
Md5:    26e70d9925604cbe0c7e866fc54d87f4
Sha1:   ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
Sha256: c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
                                        
                                            GET /uploads/b/d4de93a52a17c20a281a4bcef038c28af07819b438a83c6dd2975a30a6bf2cda/badru%20bt_1669866616.png?width=400 HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903509.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945; websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:05:11 GMT
Content-Length: 3646
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "OJzklZnJzdkea8tZSbemKrI5qkXgkjfJHWQLUHjQE5c"
Fastly-Io-Info: ifsz=4425 idim=225x225 ifmt=png ofsz=3646 odim=225x225 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000039c62188-0063809cba-c699baa-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z67ed
X-Storage-Object: 67edc2fb216da26cf34dcac2bf5b51a2cfa39d903e12e5071a12814cd016fe4f
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 204
X-Served-By: cache-sjc10020-SJC, cache-pao17440-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669903511.147484,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu43.sf2p.intern.weebly.net


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   3646
Md5:    d66ffc6d42bd41d690084fdc033cb40c
Sha1:   b558f2562142048920c6cf551b2b786a2dc14ac7
Sha256: f052ae6ddd54826877d31d423102bb8e51d255b600263d52b3fdf795875d84ca

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing
                                        
                                            GET /app/website/square.ico HTTP/1.1 
Host: mail-102366.square.site
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail-102366.square.site/
Cookie: _ga_DNQ3ZPYMQW=GS1.1.1654494733.1.0.1654494733.0; _ga=GA1.1.1202189608.1654494733; publishedsite-xsrf=eyJpdiI6IlhpWVNCK1VFU3dZQUJBZ1NWeDg4bGc9PSIsInZhbHVlIjoidFVFVEs5dUJXVUpxWFwvMU5HV05cL3d6QjdMS0V0Y2tObGlaVzFLYmZsdlwvV2hpbDc1V3Y3dHpDOHR1WUJtcjdONW9Fb2doN0JrQnJLMVdwYXUyQVwvaGtndjEwSkU5VWlleVgySndqaW1LXC9Ld1kxQ1ZvVHFcL1pqdDRvWVZMeU5RXC9PIiwibWFjIjoiZDJkYWNhMWJmNzQ2ZjdkM2I3MjJkZmYyZjUxNjhjOWZjNjgzYTA0MDFhMGQwYzRkZWJhN2Q4MzkxN2YyYTA4NyJ9; XSRF-TOKEN=eyJpdiI6IlRDeHJXc3F4b2dsR1FGTTY4ZEFjVnc9PSIsInZhbHVlIjoiejVzY0tyd0ZjbTRaSmlFb1RZNkFHaWlmWStmTkhpSFdFd1QzQTltWlhuWEV3dUZxM3kxK2VNd0poNnFONStwRktROUdtTk5VWUhvWmxtY2lncHAyWDB2bERVRDVGUDlPVEhNT2RBdEZORHNQSWZkbU5MXC9qR3VuK2FiTDlUSTdaIiwibWFjIjoiNDVhOGJmNzg0YzBlYjQ4ZTBjMDgwYWY2ZGRkYmQ1NjlhY2Y0ZDcxM2EyYjNmODQ5NzkzM2QyNWExNDI4M2ZkYSJ9; PublishedSiteSession=eyJpdiI6Ik1QakUzMTh4Wlg0VEt3OFlrOVhra1E9PSIsInZhbHVlIjoieFJDaUo2WWt6UjNMbkJ0NmlcL0Q4TDdYVjd6anZ6dlFpN25oQm5QYlwvMGt1c0M5NGJ2UmhTSkNaMGNLZjhLNWIweWRVcnVSR2FkQ2RzTHpvbXh2XC9GeXhwMmFcL1RJVEVSZkZIMlIxb0NvUTFXZFlnTFRvZks2T0F6dTBEdDUrR3Q4IiwibWFjIjoiZWUxZGZhODBiMTU2N2E4YWQwOWM1OTY2MGY4NWI2M2ViOTVjODJjOWI1ZDUwZTRiMWZhMjJiOTdhODBiODRhOCJ9; _snow_ses.15db=*; _snow_id.15db=fba7bce3-3c31-4b99-9021-bfb6f13281d4.1669903507.1.1669903509.1669903507.ac62d6ce-349b-4e86-af75-cde573b3719f; _dd_s=rum=1&id=22a51571-c9fc-42a8-8ecf-fcc2faf39b0f&created=1669903507945&expire=1669904407945; websitespring-xsrf=eyJpdiI6ImgzMTl1SnNra3hrdFhKVmFiSCtqdmc9PSIsInZhbHVlIjoiNmdEREF6a1VuUzR5dGpjUEdaekFmQWNLSFBmelZ6YWpZZ2VwNXZsMmlUUEtSZnRmV2dZdjBURHplcGx3Q0xmd2JEdElCeDBET0ZKN1hxTkdBbm83QnJDeDdxYXJ1eXpsejF4V05sTms5eGhNK25ZXC9PWVIwSFdkUzZrdmpFMzJ4IiwibWFjIjoiMzcwMzZkOTFjMDc0NjlkOGY5MDYzYzMyZjUxNDlhOTVlOWMyODlhODk3ZTVmMjQ1MDNlZmJhZGVkOGUzOTMwNCJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         199.34.228.40
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 01 Dec 2022 14:05:11 GMT
Content-Length: 6518
Connection: keep-alive
Last-Modified: Tue, 02 Apr 2019 14:51:59 GMT
x-rgw-object-type: Normal
ETag: "d810985ef4dc1c0bd5811e36d13c8ca3"
x-amz-request-id: tx000000000000001af9993-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu47.sf2p.intern.weebly.net
X-Revision: 816ece5f6932666fedb5f058fa3c5c7398fbad59
X-Request-ID: 6e80a17ca658700a17ada65e0737803a


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   6518
Md5:    d810985ef4dc1c0bd5811e36d13c8ca3
Sha1:   2b45bb77c68c937af6a2d9854dc82301526473aa
Sha256: 770e0889aefd823056c7cdbb066a445be0f0754c1b4d4cba877e120fdbcb63e6

Alerts:
  Blocklists:
    - openphish: BT Group plc
    - fortinet: Phishing