Overview

URL benefits.care/
IP199.34.228.77
ASNWEEBLY
Location United States
Report completed2022-09-06 19:20:06 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1662144649 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL www.benefits.care/uploads/7/9/8/4/7984078/water-refresh-invite-in_orig.jpg
IP  199.34.228.77
Magic gzip compressed data, max compression\012- data
Size 204080
MD5 5de6ce3e5dcb3e303405dc5782e06181
SHA1 e54d2217b9c5e3dc42dd6cebe03e5c4dd2259aea
SHA256 4cb2c44bced888acdccf96c0636f4b4a57c9ca539559326b562b940d09f1057c
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL www.benefits.care/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
IP  199.34.228.77
Magic gzip compressed data, max compression\012- data
Size 2331
MD5 3a1419968ea3700782d2c6aa8b52298b
SHA1 1edd72420485e159cc2a8dd7c66cb99e1ddd2fb5
SHA256 c76a8b6c8798a1f07f1045494ddf49b7212d0f8dd927493cb0529d94fa80e5b9
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-06 17:10:18 UTC 142.250.74.42
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS benefits.care (1) 0 2021-01-24 06:30:24 UTC 2022-09-06 18:34:25 UTC 199.34.228.77 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-06 12:27:00 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 35.86.38.2
mnemonic passive DNS cdn2.editmysite.com (16) 11564 2012-10-02 18:27:39 UTC 2022-09-06 07:40:46 UTC 151.101.85.46
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-06 07:40:47 UTC 44.235.202.207
mnemonic passive DNS www.editmysite.com (3) 43381 2017-01-29 18:23:39 UTC 2022-09-06 09:53:13 UTC 74.115.50.67
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-06 14:05:23 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.25
mnemonic passive DNS ocsp.pki.goog (15) 175 2017-06-14 07:23:31 UTC 2022-09-06 04:40:10 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (3) 8877 2014-07-21 13:19:55 UTC 2022-09-06 18:21:11 UTC 142.250.74.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-06 08:08:24 UTC 34.120.237.76
mnemonic passive DNS www.weebly.com (4) 21455 2014-01-19 01:07:09 UTC 2022-09-06 15:14:49 UTC 74.115.50.110
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-06 04:42:21 UTC 142.250.74.8
mnemonic passive DNS www.benefits.care (45) 0 2022-05-15 13:07:55 UTC 2022-09-06 18:34:25 UTC 199.34.228.77 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (6) 0 2014-08-29 13:43:22 UTC 2022-09-06 04:40:06 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.77

Date UQ / IDS / BL URL IP
2022-12-06 06:58:56 +0000
0 - 0 - 8 suydamconstruction.com/ 199.34.228.77
2022-12-01 19:39:33 +0000
0 - 0 - 0 www.wmclaw.com 199.34.228.77
2022-11-29 23:43:28 +0000
0 - 0 - 8 globalsry.com/ 199.34.228.77
2022-11-29 12:31:33 +0000
0 - 0 - 1 www.rsma.ie/ 199.34.228.77
2022-11-27 23:41:41 +0000
0 - 0 - 8 sry.com.tw/ 199.34.228.77

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-12-08 01:03:15 +0000
0 - 0 - 2 att-107145.square.site/ 199.34.228.39
2022-12-07 12:28:52 +0000
0 - 0 - 2 att-100947.weeblysite.com/ 199.34.228.96
2022-12-07 12:12:52 +0000
0 - 0 - 1 feidelitylogin.weebly.com/ 199.34.228.53
2022-12-07 12:05:32 +0000
0 - 0 - 2 login-page-100494.weeblysite.com/ 199.34.228.97
2022-12-07 02:00:13 +0000
0 - 0 - 5 jdjdjdjdhh.weebly.com/ 199.34.228.53

Last 1 reports on domain: benefits.care

Date UQ / IDS / BL URL IP
2022-09-06 19:20:06 +0000
0 - 0 - 1 benefits.care/ 199.34.228.77

No other reports with similar screenshot



JavaScript

Executed Scripts (62)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 587, repeated: 1) - SHA256: 9444a2aeb0dd69645ef943e8babccf598d7e52356a2fd5981aae4ea57316c31b

                                        < !DOCTYPE html > < head > < script type = "text/javascript"
src = "https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js" > < /script><script type="text/javascript
" src=" //www.weebly.com/weebly/apps/generateVideo.php?source=weebly&output=js&elementid=209302418711482155&user=7984078&ineditor=0&align=center&margintop=0px&marginbottom=0px&downloadable=0&height=226&video=b/7984078-485169743507177004/220902_janie_at_event_552.mp4&image=b/7984078-485169743507177004/220902_janie_at_event_552.jpg"></script></head><body style="margin:0; padding: 0;border:none;overflow:hidden;"></body></html>
                                    


HTTP Transactions (123)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 19:04:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kNL32K5xzutc9bY3bt84rUSD6etgbaLPlMi5Vl0_JlvEg7BsSkY6kg==
Age: 933


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET / HTTP/1.1 
Host: benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.77
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Sep 2022 19:19:55 GMT
Server: Apache
Location: http://www.benefits.care/
Content-Length: 233
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   233
Md5:    8075586e52116ca1c05ccb252675d112
Sha1:   f7b56d2cf67f854be82c86c1bc5504eba00e8ede
Sha256: 1425ec037f9b2987060b384ed78700aeba32092c5da0469f854ff752d9bc46b1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9704
Expires: Tue, 06 Sep 2022 22:01:39 GMT
Date: Tue, 06 Sep 2022 19:19:55 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n-yhNLpkNITRS2boottSRl9g172eO3_7s0qrugVILjtmMeUARUhabA==
age: 65078
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 19:19:55 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.77
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:55 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.benefits.care
Vary: X-W-SSL,User-Agent
Location: https://www.benefits.care/
X-Host: grn7.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 350
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   350
Md5:    2ded51dcc9ce9900eeffdd8d92d23be7
Sha1:   b482e5e88f162048e7dc17edd1d34eb0f3143140
Sha256: 8c70a9a75d82bf0bd70cb8574ee273b5fb58cc78b75f376734407186f62b6b87
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 18:43:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZER0BbSVjfnJ55dbEwXV_gCCyN4jUifbBqZamO-Q8ouPB7kfdkr_pg==
Age: 2498


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6226
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:56 GMT
Last-Modified: Tue, 06 Sep 2022 17:36:10 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B44E5FDD8D172BD5AEBAA80B71971C501C7A85627A7747DF5062A305F656FBF2"
Last-Modified: Tue, 06 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Wed, 07 Sep 2022 01:19:13 GMT
Date: Tue, 06 Sep 2022 19:19:56 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ny9jc7ofjU37ZoECrZOk/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.86.38.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pcCRxHarSzLUb0aiB1DrTNM8QF4=

                                        
                                            GET / HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.benefits.care language=en; expires=Tue, 20-Sep-2022 19:19:56 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"4fb35e8b53999345dc07f6d46e107191-gzip"
Content-Encoding: gzip
X-Host: blu50.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 20243
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42189)
Size:   20243
Md5:    b5ebbf4caf995612a45ebc89eb2e1fa1
Sha1:   be36f2db294ff3d8a4f5f9043e9d0a541e4cabd0
Sha256: b23130cdc24a2791a8a595782637aa8599182807404bf09f55fd6657644c50b5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/main.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-74804"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: blu133.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347318
x-served-by: cache-sjc10030-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3
x-timer: S1662491997.922288,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            GET /js/old/slideshow-jq.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-9e0b"
expires: Fri, 16 Sep 2022 18:53:33 GMT
cache-control: max-age=1209600
x-host: blu115.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347183
x-served-by: cache-sjc10031-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 8
x-timer: S1662491997.923043,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 13265
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32013)
Size:   13265
Md5:    da04d4da36c827437eb064334cf40561
Sha1:   b54b259c2dce4a00e265deddf2ee0941dda6ed40
Sha256: 0064ed54b2f6244cda5252037026ceb744b58067811265aa1a10c3f7cd937b3a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/theme-plugins.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-314e"
expires: Fri, 16 Sep 2022 18:55:10 GMT
cache-control: max-age=1209600
x-host: blu119.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347087
x-served-by: cache-sjc10077-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 5
x-timer: S1662491997.924369,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 3747
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12622), with no line terminators
Size:   3747
Md5:    326fac3bf2f5a48ddb695ce00260efd8
Sha1:   824134c8f3cbfc5b0ce818dcb0befc99842e4fa6
Sha256: 8fa81dbf4afb7142ee09f89d14e23fd44928c782bced6ef6c44fe9515429af50
                                        
                                            GET /js/site/commerce-core.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-f57e"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: grn118.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347318
x-served-by: cache-sjc10059-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 65
x-timer: S1662491997.922434,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32011)
Size:   17388
Md5:    e32a0ae988b9f1c9de6f0f70bfa0ffbd
Sha1:   c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
Sha256: fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
                                        
                                            GET /js/site/main-commerce-browse.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-f92d"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: grn49.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347318
x-served-by: cache-sjc10041-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 235, 162
x-timer: S1662491997.922522,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Size:   16977
Md5:    15eaf839ff82242f8d02b1f60c073760
Sha1:   ed5886bbb71827073b52523683a95f0a051f8c40
Sha256: c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
                                        
                                            GET /css/old/slideshow/slideshow.css?1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:37 GMT
etag: W/"631247d1-1cb9"
expires: Fri, 16 Sep 2022 18:53:33 GMT
cache-control: max-age=1209600
x-host: blu136.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347184
x-served-by: cache-sjc10076-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 10
x-timer: S1662491997.937018,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1488
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7352)
Size:   1488
Md5:    ba9bbd4df86b5b255f5ef44658e52130
Sha1:   3970cecb6939475f95556c2d32d17de0d1645f32
Sha256: 244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5
                                        
                                            GET /files/main_style.css?1662160387 HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn29.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (936)
Size:   8132
Md5:    ecf29288802ec74d3ed3e40f151385b5
Sha1:   f485aad6c34a0224ab3cb85286c68ee093464d8f
Sha256: 10ed462a20878258884843a0e041ccbdce82cd1a6051445f2c40a510dd52d5b5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/sites.css?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:15 GMT
etag: W/"631247bb-342c0"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: grn13.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347318
x-served-by: cache-sjc10060-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 238
x-timer: S1662491997.942744,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29723
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29723
Md5:    47fce46b49e95d7c570a5fa1600f25a7
Sha1:   d927380977eae6001d9734e67ea666b261a520e4
Sha256: c81b992fe5e5b2ab4c92f2dbb28e6755aaf1ff26f8df15b306f1118423fa3785
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/old/fancybox.css?1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:22 GMT
etag: "631247c2-f47"
expires: Fri, 16 Sep 2022 19:09:21 GMT
cache-control: max-age=1209600
x-host: blu81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 346235
x-served-by: cache-sjc10062-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 187
x-timer: S1662491997.943198,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 09:37:50 GMT
expires: Sun, 03 Sep 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 294127
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/theme/plugins.js?1573850854 HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 28 Jan 2022 02:17:25 GMT
x-rgw-object-type: Normal
ETag: W/"86db86f3ec46612c95a552a133cf2501"
x-amz-request-id: tx000000000000000043bd3-006258b625-4d6022f-las
X-Storage-Bucket: z8a29
X-Storage-Object: 8a295e631b0d74ebc6b734fdd9a2d5b29653da10a362599b0004ee135c115ce9
X-Host: blu14.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   18075
Md5:    35f647b2742c690703076a35ee299d33
Sha1:   d8f040a94a3db61a2eb9c4d22906dd515b85fa75
Sha256: 89b301a048d2d58d670d3f1767422cc357dd9e66a0b0a1fd047b5165c30c87c2
                                        
                                            GET /files/templateArtifacts.js?1662160387 HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu14.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1630)
Size:   1632
Md5:    e0836e8203c22b8e4086f27e91e86f5a
Sha1:   28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
Sha256: 32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
                                        
                                            GET /files/theme/custom.js?1573850854 HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 10 May 2022 00:14:12 GMT
x-rgw-object-type: Normal
ETag: W/"167b5f2a55a6ac2775d799bf9a87343d"
x-amz-request-id: tx000000000000001c5d29e-0062848988-b9fbc63-sfo1
X-Storage-Bucket: za16d
X-Storage-Object: a16df105a4c2f66f83e36051a5d4b3e7399fadc9046f779b7f373a5dc46b2361
X-Host: grn70.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2637
Md5:    0ebe47e011abac0beb0353c38e6fe5f6
Sha1:   c234e549ad5d546b3901f209a50639352dfd23db
Sha256: 8f6c0204657565452ae33714fa329826c79cbea1af9ab891e70abfc9cd66e5fa
                                        
                                            GET /uploads/7/9/8/4/7984078/access-center-logo-horizontal_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 13489
Connection: keep-alive
Last-Modified: Wed, 25 May 2022 22:13:07 GMT
x-rgw-object-type: Normal
ETag: "c3d141446be856ea699d2ef0f36d19b1"
x-amz-request-id: tx000000000000037392db6-0063179d5d-c033918-sfo1
X-Storage-Bucket: zc319
X-Storage-Object: c319257db08ae1f402bf4eccdfc95cc4df0f917ff5043b7c1d2f76089faa9041
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 729x172, components 3\012- data
Size:   13489
Md5:    c3d141446be856ea699d2ef0f36d19b1
Sha1:   f8301589b9addc970a22a8893212e4fbbe18b6ff
Sha256: c319257db08ae1f402bf4eccdfc95cc4df0f917ff5043b7c1d2f76089faa9041
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:57 GMT
age: 470476
x-served-by: cache-sjc10034-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 878
x-timer: S1662491998.633702,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /uploads/7/9/8/4/7984078/access-center-logo-horizontal.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 6156
Connection: keep-alive
Last-Modified: Wed, 25 May 2022 22:13:35 GMT
x-rgw-object-type: Normal
ETag: "faacf7d0fd4d8b6be9371653566ac216"
x-amz-request-id: tx000000000000037b61121-0063179d5d-bfe36ba-sfo1
X-Storage-Bucket: z422a
X-Storage-Object: 422a8a2ebcb404d05b4494a4d583ea2e534ee121234ef0232869a518b5d74510
X-Host: blu27.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x94, components 3\012- data
Size:   6156
Md5:    faacf7d0fd4d8b6be9371653566ac216
Sha1:   22ba1d32aec45c63d7b4a72ad7de8674cf3c2ebd
Sha256: 422a8a2ebcb404d05b4494a4d583ea2e534ee121234ef0232869a518b5d74510
                                        
                                            GET /uploads/7/9/8/4/7984078/access-center-logo-for-website-002_orig.png HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 11397
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 15:25:28 GMT
x-rgw-object-type: Normal
ETag: "e109fcf5ac73383b4e53c87fef334d9b"
x-amz-request-id: tx00000000000003735ffb2-0063179d5d-c0351c8-sfo1
X-Storage-Bucket: z4278
X-Storage-Object: 42789546e5058b5d513998a23a7d5190f2a66f3c9412e4fcdaeaef9823c0537e
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  PNG image data, 704 x 224, 8-bit/color RGB, non-interlaced\012- data
Size:   11397
Md5:    e109fcf5ac73383b4e53c87fef334d9b
Sha1:   47344d645c5125680b8093bca5cda4539e41ffc3
Sha256: 42789546e5058b5d513998a23a7d5190f2a66f3c9412e4fcdaeaef9823c0537e
                                        
                                            GET /images/util/videojs/play-icon.png?1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/png
                                        
x-guploader-uploadid: ADPycduA1Ccak40_-sAQRVlQ76ZQX38dcWSmcr71Zg8RIjRjCkpajjwSPtrhQVN5NPSxctJViPn7KIn03V58-q6eOXxkIg
x-goog-generation: 1495741012858797
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3434
x-goog-hash: crc32c=jhQo6Q==, md5=ItdHjX2HhY3cB77A0tFa8g==
x-goog-storage-class: STANDARD
server: UploadServer
expires: Mon, 05 Sep 2022 19:18:09 GMT
cache-control: public, max-age=86400, s-maxage=259200
last-modified: Thu, 25 May 2017 19:36:52 GMT
etag: "22d7478d7d87858ddc07bec0d2d15af2"
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:57 GMT
via: 1.1 varnish
age: 85853
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1662491998.648086,VS0,VE1
access-control-allow-origin: *
content-length: 3434
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size:   3434
Md5:    22d7478d7d87858ddc07bec0d2d15af2
Sha1:   5bcc615975ada37710303f66e852263ebe3c7dea
Sha256: 64c766443a2a39e78f6ac184a19545d6b7bbee0b0ebd0c3471b51cbfad5fffd0
                                        
                                            GET /uploads/7/9/8/4/7984078/editor/access-and-star.jpg?1652715626 HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 4024
Connection: keep-alive
Last-Modified: Thu, 16 Jun 2022 14:21:17 GMT
x-rgw-object-type: Normal
ETag: "9bdac7cad82d418baca0aaadd352987e"
x-amz-request-id: tx0000000000000378a4431-0063179d5d-c03521c-sfo1
X-Storage-Bucket: z9631
X-Storage-Object: 9631f9cbf3f20738c177a60c23ed8b34bf5629eff7785c1b5893a75c3fcf573f
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x130, components 3\012- data
Size:   4024
Md5:    9bdac7cad82d418baca0aaadd352987e
Sha1:   8340fa9ad80c53a1de83d180a1efa4674ece9d39
Sha256: 9631f9cbf3f20738c177a60c23ed8b34bf5629eff7785c1b5893a75c3fcf573f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 19:19:56 GMT
date: Tue, 06 Sep 2022 19:19:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /images/old/slideshow/control_icons.gif HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1662144649
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/gif
                                        
x-guploader-uploadid: ADPycduaocO0AE51t-7YP295IG9trj3YomORVYpk4sPUpbMAAmx6sSMpEFhsC2xFzoxFbSdmQJOJHdl52j01ttYrCbCOSw
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 19 Aug 2022 04:07:54 GMT
last-modified: Thu, 25 May 2017 18:53:05 GMT
etag: "88041de02e278ceedcd7de52bcdb8156"
x-goog-generation: 1495738385881388
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 187
x-goog-hash: crc32c=P9yuOw==, md5=iAQd4C4njO7c195SvNuBVg==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:57 GMT
via: 1.1 varnish
age: 54401
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 76
x-timer: S1662491998.733100,VS0,VE0
access-control-allow-origin: *
content-length: 187
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 25 x 13\012- data
Size:   187
Md5:    88041de02e278ceedcd7de52bcdb8156
Sha1:   775bf1f3464e006b3f644512e52477ecc9385222
Sha256: 00bd643d7b1cd928b72aa4b6d69df8d5838a8f07e26294fda69ab365fa454c3f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 7776
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /images/old/loading.gif HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/old/slideshow/slideshow.css?1662144649
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/gif
                                        
x-guploader-uploadid: ADPycdtVWhRmpQElawWKq6ABZSNlvJ-DkJiG1b8HSnt4G-cnM4tWoZIpyFUc3GCi9hgukI7qKfsK-iHSXZSY399biNcy4pv5nSOu
cache-control: public, max-age=86400, s-maxage=259200
expires: Fri, 19 Aug 2022 23:56:30 GMT
last-modified: Thu, 25 May 2017 18:45:50 GMT
etag: "0b0212ec4e07451700c88a335ebba854"
x-goog-generation: 1495737950396999
x-goog-metageneration: 6
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2964
x-goog-hash: crc32c=F+8alw==, md5=CwIS7E4HRRcAyIozXruoVA==
x-goog-storage-class: STANDARD
server: UploadServer
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:57 GMT
via: 1.1 varnish
age: 242113
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 127
x-timer: S1662491998.750876,VS0,VE0
access-control-allow-origin: *
content-length: 2964
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 30 x 30\012- data
Size:   2964
Md5:    0b0212ec4e07451700c88a335ebba854
Sha1:   e62e40bbd31145dc64c0a555991a5dc5696d1943
Sha256: 37f5bf015ade9651005d72bcfdbb48838014c1c357f848585df731bc7eaff120
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:40:18 GMT
expires: Fri, 01 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 441579
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 21:01:08 GMT
expires: Wed, 30 Aug 2023 21:01:08 GMT
cache-control: public, max-age=31536000
age: 598729
last-modified: Tue, 24 May 2022 18:26:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25184, version 1.0\012- data
Size:   25184
Md5:    23eec75ba54d389a0188abbb596b7614
Sha1:   daa4672ad515a108325f52116e9a49aab8cdd5fa
Sha256: 538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
                                        
                                            GET /s/crimsontext/v19/wlppgwHKFkZgtmSR3NB0oRJX1C1GDNNQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 20:03:31 GMT
expires: Tue, 05 Sep 2023 20:03:31 GMT
cache-control: public, max-age=31536000
age: 83786
last-modified: Tue, 24 May 2022 18:29:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25540, version 1.0\012- data
Size:   25540
Md5:    19ab149056827f64d640fa3d65f4e536
Sha1:   754c09533c5b386067e762ae85f39c345ec10915
Sha256: 60b9b9640fc716abd752df41f38ad81052f4905e42be2ff3c1f78e851863aee0
                                        
                                            GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 19:24:25 GMT
expires: Tue, 05 Sep 2023 19:24:25 GMT
cache-control: public, max-age=31536000
age: 86132
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Size:   35660
Md5:    0d0d3e5824e5e67a9e993960df2b67a9
Sha1:   328d67bb1d5899a7809df9f4385181863fd035f1
Sha256: 38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:17:25 GMT
expires: Wed, 06 Sep 2023 17:17:25 GMT
cache-control: public, max-age=31536000
age: 7352
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size:   23236
Md5:    716309aab2bca045f9627f63ad79d0bf
Sha1:   38804233a29aaf975d557fe14e762c627bef76e0
Sha256: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:19:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10489
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 19:19:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 77725
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6656
Md5:    983e705542fa78b4d5c876e0c1eada7e
Sha1:   5fc951e5236edd282d4975853ca35dab2e55fb17
Sha256: fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 38692
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 76964
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7855
Md5:    8c23179b2131543088771e3fa84ff231
Sha1:   ae50ae4aecd962b698c19f2863857b51cea7fcec
Sha256: 660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 76798
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5775
Md5:    1a87857b93f99eab3118aae97a1c9d22
Sha1:   3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
Sha256: 97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 53336
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12683
Md5:    ec466c0d472e43c11d36bf6fce068205
Sha1:   720d3624a76d060b8e2699e9aa7a320e3efd4878
Sha256: 5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10489
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 19:19:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10489
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 19:19:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10489
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 19:19:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10489
Expires: Tue, 06 Sep 2022 22:14:47 GMT
Date: Tue, 06 Sep 2022 19:19:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3409
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 18:23:09 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3409
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 18:23:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /uploads/7/9/8/4/7984078/dedicated-tlc-packet-2nd_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 186746
Connection: keep-alive
Last-Modified: Mon, 06 Jun 2022 02:53:20 GMT
x-rgw-object-type: Normal
ETag: "26707699abf3052d4fbf523655e79cc6"
x-amz-request-id: tx000000000000037392db7-0063179d5d-c033918-sfo1
X-Storage-Bucket: z0ad8
X-Storage-Object: 0ad8e1900fa53fe1015a539bd719b769fb330e2b3e7b84a4893b2a704db2a3c8
X-Host: grn79.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 995x1057, components 3\012- data
Size:   186746
Md5:    26707699abf3052d4fbf523655e79cc6
Sha1:   64ec1a2533ad49008a7213e121012fab435b51a4
Sha256: 0ad8e1900fa53fe1015a539bd719b769fb330e2b3e7b84a4893b2a704db2a3c8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3991
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 18:13:28 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 18:13:54 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: shdsPuWqq0gh86WPyKctFKqz2ZNLUUvRd2QQu1m4cwkBZmozugsCNA==
Age: 3964

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 17:35:19 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gdIgkugfxJm1RWgxuaLAqHtoOZJNGO3w8CUrEj1pf6yiAz-zTN8P9A==
Age: 6279

                                        
                                            GET /weebly/apps/generateMap.php?map=google&elementid=553238918149402022&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-83.3105439&lat=42.5009422&domain=www&point=1&align=2&reseller=false HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.110
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:58 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=553238918149402022&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-83.3105439&lat=42.5009422&domain=www&point=1&align=2&reseller=false
X-Host: blu82.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=66
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-editor=IOGDBNAK; Domain=weebly.com; Path=/

                                        
                                            GET /uploads/7/9/8/4/7984078/water-refresh-invite-in_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 203745
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 15:34:00 GMT
x-rgw-object-type: Normal
ETag: "87b1fd95c8f1d665f5523b1a2f7071a3"
x-amz-request-id: tx00000000000003729e762-0063179d5d-bfe27ea-sfo1
X-Storage-Bucket: z069b
X-Storage-Object: 069bf49dbbf21adcda0b24b6ace70dfcaef7895ad3d4b35f0d329dd0ecd80bd0
X-Host: blu44.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   204080
Md5:    5de6ce3e5dcb3e303405dc5782e06181
Sha1:   e54d2217b9c5e3dc42dd6cebe03e5c4dd2259aea
Sha256: 4cb2c44bced888acdccf96c0636f4b4a57c9ca539559326b562b940d09f1057c

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /weebly/apps/generateMap.php?map=google&elementid=966763712847933773&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-82.9354084&lat=42.4151665&domain=www&point=1&align=2&reseller=false HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.110
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:58 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=966763712847933773&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-82.9354084&lat=42.4151665&domain=www&point=1&align=2&reseller=false
X-Host: grn82.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=54
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-editor=MIEJBMAK; Domain=weebly.com; Path=/

                                        
                                            GET /uploads/7/9/8/4/7984078/access-center-logo-options-v2_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 97663
Connection: keep-alive
Last-Modified: Sun, 15 May 2022 13:24:01 GMT
x-rgw-object-type: Normal
ETag: "5287e31f015ad626880c1b4f385bad72"
x-amz-request-id: tx000000000000037392e35-0063179d5e-c033918-sfo1
X-Storage-Bucket: z9f3a
X-Storage-Object: 9f3a1eaff157e9359890a5db00d34053e7eb026cc9f1a1529201f82905e33b87
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1650x701, components 3\012- data
Size:   97663
Md5:    5287e31f015ad626880c1b4f385bad72
Sha1:   c40bff1ca14a35a5486ef561989cf909509d4e76
Sha256: 9f3a1eaff157e9359890a5db00d34053e7eb026cc9f1a1529201f82905e33b87
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 09:10:05 GMT
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
age: 36593
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8134
Md5:    5540d72831e7e7b9fc287f92c48d9f5e
Sha1:   ec19429fa76d9ad47a0578734b011b530b79ebbf
Sha256: bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
                                        
                                            GET /weebly/apps/generateMap.php?map=google&elementid=839598013294448797&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-83.1015077&lat=42.4101101&domain=www&point=1&align=2&reseller=false HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.110
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:58 GMT
Server: Apache
Location: https://www.editmysite.com/ajax/apps/generateMap.php?map=google&elementid=839598013294448797&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-83.1015077&lat=42.4101101&domain=www&point=1&align=2&reseller=false
X-Host: grn54.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Keep-Alive: timeout=10, max=74
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-editor=MBHJBMAK; Domain=weebly.com; Path=/

                                        
                                            GET /uploads/7/9/8/4/7984078/water-refresh-ded-handin_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 241741
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 14:08:07 GMT
x-rgw-object-type: Normal
ETag: "9a4cefea5a1e3870ca124a11fa970e2d"
x-amz-request-id: tx0000000000000378a446c-0063179d5d-c03521c-sfo1
X-Storage-Bucket: z0200
X-Storage-Object: 0200c3550382a3dd06cca822bc9e0737afb236ec4d343b0c5c3771016adf9c6a
X-Host: blu13.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x800, components 3\012- data
Size:   241741
Md5:    9a4cefea5a1e3870ca124a11fa970e2d
Sha1:   6fefa5a6231613bfe2c45516e441fd52736c654a
Sha256: 0200c3550382a3dd06cca822bc9e0737afb236ec4d343b0c5c3771016adf9c6a
                                        
                                            GET /uploads/7/9/8/4/7984078/dd-grocery-days_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 151043
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 15:35:15 GMT
x-rgw-object-type: Normal
ETag: "9ec696bab0f7d2415d12bf056f57aa33"
x-amz-request-id: tx00000000000003735fff9-0063179d5d-c0351c8-sfo1
X-Storage-Bucket: z914a
X-Storage-Object: 914a8212af6ce7cfcd579ee5e355995ca0e2c137664fd620898450d95d571da3
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 954x692, components 3\012- data
Size:   151043
Md5:    9ec696bab0f7d2415d12bf056f57aa33
Sha1:   332b9e2de86cbe95ed5d19dcd20362e931cb4a02
Sha256: 914a8212af6ce7cfcd579ee5e355995ca0e2c137664fd620898450d95d571da3
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.benefits.care/
Origin: https://www.benefits.care
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.235.202.207
HTTP/2 200 OK
                                        
date: Tue, 06 Sep 2022 19:19:58 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.benefits.care
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2

                                        
                                            GET /uploads/7/9/8/4/7984078/hazelcrest-medicare-coffee-hour-1_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:57 GMT
Content-Length: 163086
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:33:32 GMT
x-rgw-object-type: Normal
ETag: "424121eebda3d6930b06fb3ccc83598a"
x-amz-request-id: tx000000000000037b61158-0063179d5d-bfe36ba-sfo1
X-Storage-Bucket: zbd0b
X-Storage-Object: bd0bc58cd837e006c0ec54c89cfd983308622a9db70e97717f89bf96b6e1f19c
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1006x1078, components 3\012- data
Size:   163086
Md5:    424121eebda3d6930b06fb3ccc83598a
Sha1:   992b97a0d511828c28232b20c4ef21aafb822bf4
Sha256: bd0bc58cd837e006c0ec54c89cfd983308622a9db70e97717f89bf96b6e1f19c
                                        
                                            GET /uploads/7/9/8/4/7984078/img-2509_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 98062
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:12:36 GMT
x-rgw-object-type: Normal
ETag: "48b0e02c314580328ef4e2372665a620"
x-amz-request-id: tx000000000000037929e91-0063179d5e-c0351b0-sfo1
X-Storage-Bucket: z04a2
X-Storage-Object: 04a2b1edcd2e19040fdd6d88216319cbb378935b2d937976bc6b3b34278ec54b
X-Host: grn70.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Size:   98062
Md5:    48b0e02c314580328ef4e2372665a620
Sha1:   f5de387c887458cb487d06ece58ceb6750fc0768
Sha256: 04a2b1edcd2e19040fdd6d88216319cbb378935b2d937976bc6b3b34278ec54b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 230
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 19:16:08 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1786
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.235.202.207
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 19:19:58 GMT
content-length: 2
server: nginx
set-cookie: sp=0db7fac0-cf64-4dcb-b1ad-c58359e488ed; Expires=Wed, 06 Sep 2023 19:19:58 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.benefits.care
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2085
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:19:58 GMT
Last-Modified: Tue, 06 Sep 2022 18:45:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /weebly/apps/generateVideo.php?source=weebly&output=js&elementid=209302418711482155&user=7984078&ineditor=0&align=center&margintop=0px&marginbottom=0px&downloadable=0&height=226&video=b/7984078-485169743507177004/220902_janie_at_event_552.mp4&image=b/7984078-485169743507177004/220902_janie_at_event_552.jpg HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.110
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Sep 2022 19:19:58 GMT
Server: Apache
X-Host: grn68.sf2p.intern.weebly.net
Vary: User-Agent
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7986
Keep-Alive: timeout=10, max=60
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: language=en; expires=Tue, 20-Sep-2022 19:19:58 GMT; Max-Age=1209600; path=/ sto-id-editor=ONAGBMAK; Domain=weebly.com; Path=/


--- Additional Info ---
Magic:  ASCII text
Size:   7986
Md5:    790e67a81abf489db44f6d666db27184
Sha1:   da2f218b1d072615b1d741f8356de1e5f5efbb37
Sha256: 31d4bf88ed746e4c9b78d0a694ad8311842708441bd4f35d17b73fd68049669c
                                        
                                            GET /images/util/videojs/play-icon.png HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn2.editmysite.com/css/sites.css?buildTime=1662144649
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: image/png
                                        
x-guploader-uploadid: ADPycduRhYPLtWNY-3NV2hzDZagv8a3OxzWhyTuu9Vpa4aQG-ZVG-FUPfn2XoGNoBiekx0ZYRfCpVURrCn086sncGvMsuQ
x-goog-generation: 1495741012858797
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3434
x-goog-hash: crc32c=jhQo6Q==, md5=ItdHjX2HhY3cB77A0tFa8g==
x-goog-storage-class: STANDARD
server: UploadServer
expires: Sat, 27 Aug 2022 01:08:23 GMT
cache-control: public, max-age=86400, s-maxage=259200
last-modified: Thu, 25 May 2017 19:36:52 GMT
etag: "22d7478d7d87858ddc07bec0d2d15af2"
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:58 GMT
via: 1.1 varnish
age: 150379
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1662491999.831022,VS0,VE0
access-control-allow-origin: *
content-length: 3434
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size:   3434
Md5:    22d7478d7d87858ddc07bec0d2d15af2
Sha1:   5bcc615975ada37710303f66e852263ebe3c7dea
Sha256: 64c766443a2a39e78f6ac184a19545d6b7bbee0b0ebd0c3471b51cbfad5fffd0
                                        
                                            GET /fonts/Proxima-Light/267447_4_0.woff?123597 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
last-modified: Fri, 26 Aug 2022 23:28:02 GMT
etag: "63095702-145cc"
expires: Mon, 12 Sep 2022 12:37:29 GMT
cache-control: max-age=1209600
x-host: blu121.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:58 GMT
age: 715349
x-served-by: cache-sjc10027-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 4
x-timer: S1662491999.838923,VS0,VE0
access-control-allow-origin: *
content-length: 83404
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 83404, version 0.0\012- data
Size:   83404
Md5:    4927f09d2dc9fe18041a081cd2935c42
Sha1:   c8e18badb908f3d84c591db5aa6bd46267fa3746
Sha256: e1fc6b6ed76b920de3c74bf0905d090d2e5a54c0687d06a5d4042641af0ae78c
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3140_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 91380
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:29:39 GMT
x-rgw-object-type: Normal
ETag: "96ce10a6042dc3e8ef2f98eb213609ce"
x-amz-request-id: tx000000000000037391bca-0063179d49-c033918-sfo1
X-Storage-Bucket: zcdc3
X-Storage-Object: cdc312133c336b427baef4af0f66782a50d94dbd148f8aa4f05634d6611b11cc
X-Host: blu25.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Size:   91380
Md5:    96ce10a6042dc3e8ef2f98eb213609ce
Sha1:   b6e251e33fc58bbfc5fb932752c0f3e06b665e70
Sha256: cdc312133c336b427baef4af0f66782a50d94dbd148f8aa4f05634d6611b11cc
                                        
                                            GET /uploads/7/9/8/4/7984078/050922-state-fair-event-grocery-day_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 173824
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:28:21 GMT
x-rgw-object-type: Normal
ETag: "c68e7caed75bece3248d3bf02530c464"
x-amz-request-id: tx000000000000037392ecd-0063179d5e-c033918-sfo1
X-Storage-Bucket: z0a6f
X-Storage-Object: 0a6fe7db2529ab5ad50bac0642a72a4645785cfe6e3df21220bb466b7c33515e
X-Host: blu27.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 977x1050, components 3\012- data
Size:   173824
Md5:    c68e7caed75bece3248d3bf02530c464
Sha1:   7d991717ba3a81b0d0e21fd204c444b6fd742ad0
Sha256: 0a6fe7db2529ab5ad50bac0642a72a4645785cfe6e3df21220bb466b7c33515e
                                        
                                            GET /ajax/apps/generateMap.php?map=google&elementid=966763712847933773&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-82.9354084&lat=42.4151665&domain=www&point=1&align=2&reseller=false HTTP/1.1 
Host: www.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.benefits.care/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.67
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:58 GMT
Server: Apache
X-Host: blu102.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11574
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-designer=MPHJBNAK; Domain=editmysite.com; Path=/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Size:   11574
Md5:    a9d0e211ed31beb5728f8722b16d1897
Sha1:   8552d8ec1e892dfb19b2f7980724e492108c02bc
Sha256: dec9b1ce4118e55f61e13d9a3a2bce8ad7eeb77f8f505f2856dda96353bea15e
                                        
                                            GET /uploads/7/9/8/4/7984078/220902-janie-pic-1_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 225965
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 23:06:00 GMT
x-rgw-object-type: Normal
ETag: "f46c4de9606d427a4d9d2cf273111efd"
x-amz-request-id: tx000000000000037929ec3-0063179d5e-c0351b0-sfo1
X-Storage-Bucket: z6fdc
X-Storage-Object: 6fdc428aacbcf7c023522bc80692e44c1355c7f7ceaf5d7b9688f16562202695
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1100x715, components 3\012- data
Size:   225965
Md5:    f46c4de9606d427a4d9d2cf273111efd
Sha1:   f1e4daaef8c8bf1fdf296ecf8ffa000542df9094
Sha256: 6fdc428aacbcf7c023522bc80692e44c1355c7f7ceaf5d7b9688f16562202695
                                        
                                            GET /uploads/7/9/8/4/7984078/agent-with-senior_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 59715
Connection: keep-alive
Last-Modified: Tue, 22 Jun 2021 20:06:28 GMT
x-rgw-object-type: Normal
ETag: "80eed8327f7922b46bd47d68c75a848b"
x-amz-request-id: tx00000000000003729e833-0063179d5e-bfe27ea-sfo1
X-Storage-Bucket: z0728
X-Storage-Object: 072827a3de830821badbf739159c69f4445735a9520827db5725dfd6deab5948
X-Host: blu134.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x408, components 3\012- data
Size:   59715
Md5:    80eed8327f7922b46bd47d68c75a848b
Sha1:   4960bc10107b950027e7200ad6c2b5e4a23e4704
Sha256: 072827a3de830821badbf739159c69f4445735a9520827db5725dfd6deab5948
                                        
                                            GET /ajax/apps/generateMap.php?map=google&elementid=839598013294448797&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-83.1015077&lat=42.4101101&domain=www&point=1&align=2&reseller=false HTTP/1.1 
Host: www.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.benefits.care/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.67
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:58 GMT
Server: Apache
X-Host: grn51.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11574
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-designer=BEHIBMAK; Domain=editmysite.com; Path=/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Size:   11574
Md5:    476a08316720d7bcd27d8c579ea45d65
Sha1:   2cbb55a967bc821b60b91306af7b61a0cd6b6274
Sha256: 329d4a7f18a243783b511104a1a4d6b7625a52d6fced9a4a84a8aa6832c9525a
                                        
                                            GET /ajax/apps/generateMap.php?map=google&elementid=553238918149402022&ineditor=0&control=3&width=auto&height=250px&overviewmap=0&scalecontrol=1&typecontrol=0&zoom=11&long=-83.3105439&lat=42.5009422&domain=www&point=1&align=2&reseller=false HTTP/1.1 
Host: www.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.benefits.care/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         74.115.50.67
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 19:19:59 GMT
Server: Apache
X-Host: grn23.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 11574
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
X-W-DC: SFO
Set-Cookie: sto-id-designer=GNGJBMAK; Domain=editmysite.com; Path=/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (827)
Size:   11574
Md5:    c6cb08a7d8e61cb7cfe96a7c980f78fe
Sha1:   636a2ef241de47011fbc2d2bfe3677e115cba505
Sha256: 638051024dc95de93cbb1b6224b1361e4df8549a8becb465ac4ae864b7b28ec9
                                        
                                            GET /uploads/7/9/8/4/7984078/ac-ccdd_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 45592
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 14:31:47 GMT
x-rgw-object-type: Normal
ETag: "380288f257732f91f79c2da84fec4724"
x-amz-request-id: tx000000000000037b61298-0063179d5e-bfe36ba-sfo1
X-Storage-Bucket: zd363
X-Storage-Object: d363ea904451ff2f24ddea6774889376d93eb0367bccdaff3716291e3c4ba5f4
X-Host: grn127.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 967x129, components 3\012- data
Size:   45592
Md5:    380288f257732f91f79c2da84fec4724
Sha1:   ce2b725b6f5e8e6997c46dc0451f03f91bcefd80
Sha256: d363ea904451ff2f24ddea6774889376d93eb0367bccdaff3716291e3c4ba5f4
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3144_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 72108
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:27:44 GMT
x-rgw-object-type: Normal
ETag: "6bbdf3bf6efc654f474a8b3a3202b941"
x-amz-request-id: tx000000000000037929f8f-0063179d5f-c0351b0-sfo1
X-Storage-Bucket: z4c6e
X-Storage-Object: 4c6e64b02b29544f6191917a9a43304eb0c8ab8f50e3bec22ecbc3117c1f0778
X-Host: grn127.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x800, components 3\012- data
Size:   72108
Md5:    6bbdf3bf6efc654f474a8b3a3202b941
Sha1:   b9376c54fa22f1edcfc0638a37d5062238f702b1
Sha256: 4c6e64b02b29544f6191917a9a43304eb0c8ab8f50e3bec22ecbc3117c1f0778
                                        
                                            GET /uploads/b/7984078-485169743507177004/220902_janie_at_event_552.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en; _snow_ses.1ce9=*; _snow_id.1ce9=5673db3b-7225-40ce-a4fc-ccc23d5e599e.1662491992.1.1662491992.1662491992.d2c18ff1-1cca-4294-91e0-2611423fc5b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 253068
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 23:13:06 GMT
x-rgw-object-type: Normal
ETag: "1f61b9c1dfb26bc90df52719eebf3518"
x-amz-request-id: tx00000000000003729e890-0063179d5e-bfe27ea-sfo1
X-Storage-Bucket: zd0c5
X-Storage-Object: d0c52e32f13a6119724928f1f10c35aec436ea352277c96daedd8932545b2ec8
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Size:   253068
Md5:    1f61b9c1dfb26bc90df52719eebf3518
Sha1:   5b454ab5cb7285de2b1bf2b12bd60b2f632401c3
Sha256: d0c52e32f13a6119724928f1f10c35aec436ea352277c96daedd8932545b2ec8
                                        
                                            GET /uploads/7/9/8/4/7984078/220902-janie-pic-2nd_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 397906
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 23:07:37 GMT
x-rgw-object-type: Normal
ETag: "9885a36f7d4f74f7076fa085f724b333"
x-amz-request-id: tx00000000000003736014d-0063179d5f-c0351c8-sfo1
X-Storage-Bucket: z38cc
X-Storage-Object: 38cc522a72bdf152ea78caeeb547a344f1266fe93b266227e929c70143222161
X-Host: blu71.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 879x1448, components 3\012- data
Size:   397906
Md5:    9885a36f7d4f74f7076fa085f724b333
Sha1:   87b4d91f504b8d4221bc31993ec8ff6b62d4577e
Sha256: 38cc522a72bdf152ea78caeeb547a344f1266fe93b266227e929c70143222161
                                        
                                            GET /uploads/7/9/8/4/7984078/ee-dr-sowirka_orig.png HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:58 GMT
Content-Length: 391847
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 02:46:58 GMT
x-rgw-object-type: Normal
ETag: "0aae71f580b368a8bfeff8c7f4bb8515"
x-amz-request-id: tx000000000000037b61247-0063179d5e-bfe36ba-sfo1
X-Storage-Bucket: z0022
X-Storage-Object: 00222259044472e9efeab92af1d79ab830e82960e1fcaade4530003cf758f20a
X-Host: blu13.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1123 x 514, 8-bit/color RGB, non-interlaced\012- data
Size:   391847
Md5:    0aae71f580b368a8bfeff8c7f4bb8515
Sha1:   7706160be45196b0ddb0b73123e1debb513f7cf3
Sha256: 00222259044472e9efeab92af1d79ab830e82960e1fcaade4530003cf758f20a
                                        
                                            GET /uploads/7/9/8/4/7984078/img-2514_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 98197
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:39:20 GMT
x-rgw-object-type: Normal
ETag: "c70f08b882e4210e81055e34bbbbd22d"
x-amz-request-id: tx000000000000037929f7a-0063179d5f-c0351b0-sfo1
X-Storage-Bucket: z360e
X-Storage-Object: 360e21cb6d51c4cd2865d2bffc564e85b2b1cba08072aaec242968cc9ba13637
X-Host: grn32.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Size:   98197
Md5:    c70f08b882e4210e81055e34bbbbd22d
Sha1:   5d59efa96279ae89252ac369b109e5f18ef972d4
Sha256: 360e21cb6d51c4cd2865d2bffc564e85b2b1cba08072aaec242968cc9ba13637
                                        
                                            GET /uploads/7/9/8/4/7984078/img-2511_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 95193
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:13:00 GMT
x-rgw-object-type: Normal
ETag: "8d59aa292a9b3253dc72dc5cb8992ad4"
x-amz-request-id: tx000000000000037360146-0063179d5f-c0351c8-sfo1
X-Storage-Bucket: z150a
X-Storage-Object: 150a0c85326e4394218be271a6de1650cc36bc347be909442b349da90caf3879
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Size:   95193
Md5:    8d59aa292a9b3253dc72dc5cb8992ad4
Sha1:   f09bb15ab92c3bf045c90490e57118901f3ba39e
Sha256: 150a0c85326e4394218be271a6de1650cc36bc347be909442b349da90caf3879
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3127_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 84660
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:27:54 GMT
x-rgw-object-type: Normal
ETag: "0d20745c46235d96a9656bc1cf684b81"
x-amz-request-id: tx000000000000037392fc4-0063179d5f-c033918-sfo1
X-Storage-Bucket: z2a5d
X-Storage-Object: 2a5d40a59a281b5f625f31574734aa7c2c217d48ad8504907b0f5191a574fa6d
X-Host: grn70.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 717x800, components 3\012- data
Size:   84660
Md5:    0d20745c46235d96a9656bc1cf684b81
Sha1:   5659cd48ba1f6a5d2499035d7ae90f82736b82d6
Sha256: 2a5d40a59a281b5f625f31574734aa7c2c217d48ad8504907b0f5191a574fa6d
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3132_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 56750
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:28:12 GMT
x-rgw-object-type: Normal
ETag: "aa5b39df4352ed36d4f35a5ddbc49cd3"
x-amz-request-id: tx000000000000037b6136b-0063179d5f-bfe36ba-sfo1
X-Storage-Bucket: zb98c
X-Storage-Object: b98c457120f01d7d2edace3f5dafa7bb3eba59c4413444ede74a4873b1698905
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Size:   56750
Md5:    aa5b39df4352ed36d4f35a5ddbc49cd3
Sha1:   a3710d440e6f2b6ac4441edd4b5e480683a55559
Sha256: b98c457120f01d7d2edace3f5dafa7bb3eba59c4413444ede74a4873b1698905
                                        
                                            GET /uploads/7/9/8/4/7984078/ee-staff_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 164562
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 02:55:00 GMT
x-rgw-object-type: Normal
ETag: "7e4dbd61181b0791a6a6c9df5632c269"
x-amz-request-id: tx00000000000003729e953-0063179d5f-bfe27ea-sfo1
X-Storage-Bucket: zb320
X-Storage-Object: b320a94d582bfeed095cdb1e9bd371fff58d17a3863131f91f345794a4a69fa8
X-Host: blu14.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 987x800, components 3\012- data
Size:   164562
Md5:    7e4dbd61181b0791a6a6c9df5632c269
Sha1:   caacb94f8ed587385a8c9951aefb31fc43a84dbc
Sha256: b320a94d582bfeed095cdb1e9bd371fff58d17a3863131f91f345794a4a69fa8
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3130_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 67409
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:28:47 GMT
x-rgw-object-type: Normal
ETag: "f7e9ca0f89b0542162f4ca8f49515907"
x-amz-request-id: tx00000000000003792a007-0063179d5f-c0351b0-sfo1
X-Storage-Bucket: z1fc7
X-Storage-Object: 1fc795624989d53206bc1316fe7580f30544ba0a22b9b652bc50cb8a58aa5232
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 662x800, components 3\012- data
Size:   67409
Md5:    f7e9ca0f89b0542162f4ca8f49515907
Sha1:   d29407f8f86cab388ccb9ef9af9a65b81f04434a
Sha256: 1fc795624989d53206bc1316fe7580f30544ba0a22b9b652bc50cb8a58aa5232
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3135_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 127779
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:28:32 GMT
x-rgw-object-type: Normal
ETag: "b4fed8cdc414a79a86aa604606e980ad"
x-amz-request-id: tx000000000000037b61382-0063179d5f-bfe36ba-sfo1
X-Storage-Bucket: z7b1e
X-Storage-Object: 7b1efc63d87c5aa4e2cb208044ee4929c1961b700edfdc1ffe03b392a963af75
X-Host: grn127.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x800, components 3\012- data
Size:   127779
Md5:    b4fed8cdc414a79a86aa604606e980ad
Sha1:   5c9e2532e4db10ae2f924b4750f1b1dc3d2cffd5
Sha256: 7b1efc63d87c5aa4e2cb208044ee4929c1961b700edfdc1ffe03b392a963af75
                                        
                                            GET /uploads/7/9/8/4/7984078/ee-dr-tv_orig.png HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:19:59 GMT
Content-Length: 91160
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 02:58:32 GMT
x-rgw-object-type: Normal
ETag: "3f69f731817fbcf514c4ef38f6208911"
x-amz-request-id: tx00000000000003735eedd-0063179d4b-c0351c8-sfo1
X-Storage-Bucket: z1731
X-Storage-Object: 17315da1ae299f7c20c3d6dfcd3cf88d9505a90a44de857f54555c39f29c75c5
X-Host: blu134.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 274 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size:   91160
Md5:    3f69f731817fbcf514c4ef38f6208911
Sha1:   fc4afb5b70f2142f28ffb008e1357be9cc5a36ba
Sha256: 17315da1ae299f7c20c3d6dfcd3cf88d9505a90a44de857f54555c39f29c75c5
                                        
                                            GET /uploads/7/9/8/4/7984078/ee-grand-open_orig.png HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:00 GMT
Content-Length: 101155
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:00:20 GMT
x-rgw-object-type: Normal
ETag: "e041c0b6cd1ef81ff42fe4667b386df2"
x-amz-request-id: tx00000000000003792a04a-0063179d60-c0351b0-sfo1
X-Storage-Bucket: z0cdc
X-Storage-Object: 0cdc76d64110a813b9f2f2bb64d4bb32d79fc26b37472b8d6f96325f7d7152ad
X-Host: grn29.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 290 x 174, 8-bit/color RGBA, non-interlaced\012- data
Size:   101155
Md5:    e041c0b6cd1ef81ff42fe4667b386df2
Sha1:   3bc5f127acf12480a98e88259e306a510c941256
Sha256: 0cdc76d64110a813b9f2f2bb64d4bb32d79fc26b37472b8d6f96325f7d7152ad
                                        
                                            GET /uploads/7/9/8/4/7984078/dr-jen-casey_orig.png HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:00 GMT
Content-Length: 76062
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:00:37 GMT
x-rgw-object-type: Normal
ETag: "1b9b31f0b941a1a5dc0d0a84d2e3c13a"
x-amz-request-id: tx000000000000033ede129-0063128b02-c033918-sfo1
X-Storage-Bucket: zf224
X-Storage-Object: f224171b203110a65f64794c94a30f0422c15e52bc5fd2b2801eaac747c105cb
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 300 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size:   76062
Md5:    1b9b31f0b941a1a5dc0d0a84d2e3c13a
Sha1:   0302978042619e29a3f712f2d85fd401f175dfa1
Sha256: f224171b203110a65f64794c94a30f0422c15e52bc5fd2b2801eaac747c105cb
                                        
                                            GET /uploads/7/9/8/4/7984078/051222-harriet-tubman-event-flyer-1_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:00 GMT
Content-Length: 183648
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:29:41 GMT
x-rgw-object-type: Normal
ETag: "8aa7fdf3288ffe9d49e71407d3ed71c8"
x-amz-request-id: tx000000000000034b3b31c-00631358ba-c03521c-sfo1
X-Storage-Bucket: z2d77
X-Storage-Object: 2d775533f479867f0897abd78a49920d0798da994964391a3210b4b474d8d6ac
X-Host: blu13.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1009x1064, components 3\012- data
Size:   183648
Md5:    8aa7fdf3288ffe9d49e71407d3ed71c8
Sha1:   704af787bf833399ff7aba9854fe88c31b3b2457
Sha256: 2d775533f479867f0897abd78a49920d0798da994964391a3210b4b474d8d6ac
                                        
                                            GET /uploads/7/9/8/4/7984078/dr-greet_orig.png HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:00 GMT
Content-Length: 97531
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:00:48 GMT
x-rgw-object-type: Normal
ETag: "d0c9993d475d3681659ccc346685b305"
x-amz-request-id: tx000000000000037b613f8-0063179d60-bfe36ba-sfo1
X-Storage-Bucket: z0361
X-Storage-Object: 036141d815afe7d8b76b763744c1dffafaf92928f2db3483a771c0ba603f53a6
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  PNG image data, 275 x 183, 8-bit/color RGBA, non-interlaced\012- data
Size:   97531
Md5:    d0c9993d475d3681659ccc346685b305
Sha1:   dc3ff0cfe55eb50bcb33ac405ed483f216cfc682
Sha256: 036141d815afe7d8b76b763744c1dffafaf92928f2db3483a771c0ba603f53a6
                                        
                                            GET /uploads/7/9/8/4/7984078/bingo-day_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:00 GMT
Content-Length: 167229
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:28:06 GMT
x-rgw-object-type: Normal
ETag: "257756b2df489b18ca84f1dfc0549fef"
x-amz-request-id: tx00000000000003735ef4a-0063179d4b-c0351c8-sfo1
X-Storage-Bucket: z833b
X-Storage-Object: 833b47432e1ccb5a42e6236cb0d0d24cc2c866e71975d7b80eb6e01b8625af10
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 839x941, components 3\012- data
Size:   167229
Md5:    257756b2df489b18ca84f1dfc0549fef
Sha1:   057f9fd8e0e62c6bbad2e06c2d5480ea304fb2b8
Sha256: 833b47432e1ccb5a42e6236cb0d0d24cc2c866e71975d7b80eb6e01b8625af10
                                        
                                            GET /uploads/7/9/8/4/7984078/051322-sojourner-truth-homes-flyer-1_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:00 GMT
Content-Length: 172945
Connection: keep-alive
Last-Modified: Mon, 16 May 2022 03:28:35 GMT
x-rgw-object-type: Normal
ETag: "91ea824874cfdf74b7143e43c5ee4b6b"
x-amz-request-id: tx000000000000036fd82fb-0063175e1c-c033918-sfo1
X-Storage-Bucket: z4886
X-Storage-Object: 48867ad8fc7261ca9153e90c22080b076ea8dac5e47677639d8c6730b49631f9
X-Host: blu24.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 969x1022, components 3\012- data
Size:   172945
Md5:    91ea824874cfdf74b7143e43c5ee4b6b
Sha1:   dcbf510457ecdf76f55198304026fbb3bfe2553a
Sha256: 48867ad8fc7261ca9153e90c22080b076ea8dac5e47677639d8c6730b49631f9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:20:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.8
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Tue, 06 Sep 2022 18:29:20 GMT
expires: Tue, 06 Sep 2022 20:29:20 GMT
cache-control: public, max-age=7200
age: 3041
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 19:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en; _snow_ses.1ce9=*; _snow_id.1ce9=5673db3b-7225-40ce-a4fc-ccc23d5e599e.1662491992.1.1662491992.1662491992.d2c18ff1-1cca-4294-91e0-2611423fc5b1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 06 Sep 2022 19:20:01 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn91.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=24
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.benefits.care
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en; _snow_ses.1ce9=*; _snow_id.1ce9=5673db3b-7225-40ce-a4fc-ccc23d5e599e.1662491992.1.1662491992.1662491992.d2c18ff1-1cca-4294-91e0-2611423fc5b1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 06 Sep 2022 19:20:01 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu88.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2073
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   2331
Md5:    3a1419968ea3700782d2c6aa8b52298b
Sha1:   1edd72420485e159cc2a8dd7c66cb99e1ddd2fb5
Sha256: c76a8b6c8798a1f07f1045494ddf49b7212d0f8dd927493cb0529d94fa80e5b9

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en; _snow_ses.1ce9=*; _snow_id.1ce9=5673db3b-7225-40ce-a4fc-ccc23d5e599e.1662491992.1.1662491992.1662491992.d2c18ff1-1cca-4294-91e0-2611423fc5b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:01 GMT
Content-Length: 2641
Connection: keep-alive
Last-Modified: Sun, 15 May 2022 13:08:27 GMT
x-rgw-object-type: Normal
ETag: "a4d50d48b63d844a0366e9f557a0a5aa"
x-amz-request-id: tx00000000000003729ead0-0063179d61-bfe27ea-sfo1
X-Storage-Bucket: z9ffa
X-Storage-Object: 9ffa2986da4a39c48fc2474cf84b0e2d2b9b817bd72b11c0c931016e7573a97e
X-Host: grn46.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 64x64, components 3\012- data
Size:   2641
Md5:    a4d50d48b63d844a0366e9f557a0a5aa
Sha1:   ceeae35cda1949fd2f4b3f61af3200827c0b7a14
Sha256: 9ffa2986da4a39c48fc2474cf84b0e2d2b9b817bd72b11c0c931016e7573a97e
                                        
                                            GET /uploads/7/9/8/4/7984078/ac-full-monument_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en; _snow_ses.1ce9=*; _snow_id.1ce9=5673db3b-7225-40ce-a4fc-ccc23d5e599e.1662491992.1.1662491992.1662491992.d2c18ff1-1cca-4294-91e0-2611423fc5b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:01 GMT
Content-Length: 164765
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 14:31:26 GMT
x-rgw-object-type: Normal
ETag: "eb09a5f866c43c2aa2325b64b385836e"
x-amz-request-id: tx000000000000037836ff2-0063179634-c03521c-sfo1
X-Storage-Bucket: z351b
X-Storage-Object: 351b6194cbecc9cbcdba0b22fd9a7d2a22615869644b72af7f548155e5166c3a
X-Host: grn139.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 731x800, components 3\012- data
Size:   164765
Md5:    eb09a5f866c43c2aa2325b64b385836e
Sha1:   f7791ea94dee91341ea4478b3619a24b313f6acd
Sha256: 351b6194cbecc9cbcdba0b22fd9a7d2a22615869644b72af7f548155e5166c3a
                                        
                                            GET /uploads/7/9/8/4/7984078/img-3136_orig.jpg HTTP/1.1 
Host: www.benefits.care
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Cookie: is_mobile=0; language=en; _snow_ses.1ce9=*; _snow_id.1ce9=5673db3b-7225-40ce-a4fc-ccc23d5e599e.1662491992.1.1662491992.1662491992.d2c18ff1-1cca-4294-91e0-2611423fc5b1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.77
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 19:20:01 GMT
Content-Length: 131730
Connection: keep-alive
Last-Modified: Mon, 23 May 2022 12:29:06 GMT
x-rgw-object-type: Normal
ETag: "8719e7c7029bf0cacf9f89bb6752c94e"
x-amz-request-id: tx0000000000000376ab012-0063174c1a-bfe36ba-sfo1
X-Storage-Bucket: z0f31
X-Storage-Object: 0f3137fdbbf0fe0fe98ea643d4a15d34d4826752aee82a0830d7eda7ec1f47de
X-Host: blu71.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1027x800, components 3\012- data
Size:   131730
Md5:    8719e7c7029bf0cacf9f89bb6752c94e
Sha1:   062bdb560161991222c5be85255ed3a2f697416f
Sha256: 0f3137fdbbf0fe0fe98ea643d4a15d34d4826752aee82a0830d7eda7ec1f47de
                                        
                                            GET /css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 19:19:56 GMT
date: Tue, 06 Sep 2022 19:19:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1662144649 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-82592"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: blu119.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347318
x-served-by: cache-sjc10061-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3
x-timer: S1662491997.926318,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 159023
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/lang/en/stl.js?buildTime=1662144649& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 02 Sep 2022 18:12:14 GMT
etag: "6312477e-2c44e"
expires: Fri, 16 Sep 2022 18:51:18 GMT
cache-control: max-age=1209600
x-host: blu9.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 19:19:56 GMT
age: 347319
x-served-by: cache-sjc10028-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 2320, 135
x-timer: S1662491997.927455,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.benefits.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 19:19:57 GMT
date: Tue, 06 Sep 2022 19:19:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---