Overview

URL thecacaoconnection.com/
IP199.34.228.70
ASNWEEBLY
Location United States
Report completed2022-09-06 16:08:53 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1661444071 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (33)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS downloads.mailchimp.com (6) 11609 2012-05-23 18:26:46 UTC 2022-09-06 06:00:43 UTC 143.204.55.95
mnemonic passive DNS fonts.googleapis.com (4) 8877 2014-07-21 13:19:55 UTC 2022-09-06 12:21:11 UTC 142.250.74.10
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-06 04:40:07 UTC 151.101.85.229
mnemonic passive DNS bookeo.com (1) 123825 2012-12-10 17:44:16 UTC 2022-09-06 14:11:06 UTC 192.155.93.150
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.77.32
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-06 07:27:18 UTC 172.64.155.188
mnemonic passive DNS www-151p.bookeo.com (4) 0 2017-02-08 12:19:25 UTC 2019-09-16 13:01:35 UTC 104.192.226.138 Domain (bookeo.com) ranked at: 123825
mnemonic passive DNS mc.us8.list-manage.com (1) 118380 2015-01-08 21:53:09 UTC 2022-09-06 07:45:28 UTC 104.110.24.122
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-06 04:39:59 UTC 31.13.72.36
mnemonic passive DNS gapi.beeketing.com (1) 83849 2018-02-01 07:32:09 UTC 2022-09-06 16:04:40 UTC 104.21.91.43
mnemonic passive DNS thecacaoconnection.com (1) 0 2015-05-29 05:44:18 UTC 2022-08-11 20:52:54 UTC 199.34.228.70 Unknown ranking
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-06 11:20:27 UTC 142.250.74.42
mnemonic passive DNS widgetic.com (2) 70401 2018-09-24 13:15:55 UTC 2022-09-06 11:04:24 UTC 104.21.80.216
mnemonic passive DNS fonts.gstatic.com (8) 0 2014-08-29 13:43:22 UTC 2022-09-06 04:40:06 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS js.stripe.com (2) 1149 2012-09-30 12:39:23 UTC 2022-09-06 05:25:10 UTC 143.204.55.101
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-06 04:42:21 UTC 142.250.74.168
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-06 10:46:34 UTC 143.204.55.115
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.25
mnemonic passive DNS www.thecacaoconnection.com (13) 0 2015-05-29 05:44:18 UTC 2022-08-11 20:53:28 UTC 199.34.228.70 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-06 14:05:05 UTC 142.250.74.72
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-06 12:27:00 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 34.214.17.205
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-06 04:47:03 UTC 104.18.20.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-06 08:08:24 UTC 34.120.237.76
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-06 11:45:40 UTC 142.250.74.174
mnemonic passive DNS ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-09-06 07:40:47 UTC 35.82.13.103
mnemonic passive DNS cdn2.editmysite.com (8) 11564 2012-10-02 18:27:39 UTC 2022-09-06 07:40:46 UTC 151.101.85.46
mnemonic passive DNS sdk.beeketing.com (2) 52956 2017-01-04 06:23:37 UTC 2022-09-06 12:45:00 UTC 104.21.91.43
mnemonic passive DNS m.stripe.network (2) 1204 2018-06-23 22:39:58 UTC 2022-09-06 05:25:11 UTC 54.230.111.75
mnemonic passive DNS ocsp.pki.goog (14) 175 2017-06-14 07:23:31 UTC 2022-09-06 04:40:10 UTC 142.250.74.3
mnemonic passive DNS m.stripe.com (1) 1092 2021-04-11 19:21:28 UTC 2022-09-06 06:09:55 UTC 52.34.194.100


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.34.228.70

Date UQ / IDS / BL URL IP
2022-09-20 23:47:01 +0000
0 - 0 - 7 www.knottlaw.org/ 199.34.228.70
2022-09-06 18:44:03 +0000
0 - 0 - 1 www.menandwomenunited.org/food-pantry.html 199.34.228.70
2022-09-06 16:08:53 +0000
0 - 0 - 1 thecacaoconnection.com/ 199.34.228.70
2022-09-06 12:37:03 +0000
0 - 0 - 1 www.selmarketing.net/ 199.34.228.70
2022-09-06 03:21:05 +0000
0 - 0 - 1 mediageneration.co.uk/ 199.34.228.70

Last 5 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-11-26 21:34:35 +0000
0 - 0 - 18 att-103486.weeblysite.com/ 199.34.228.97
2022-11-26 18:51:01 +0000
0 - 0 - 18 yahoo-107935.weeblysite.com/ 199.34.228.97
2022-11-26 18:50:23 +0000
0 - 0 - 18 onuraolbillspayment.weeblysite.com/ 199.34.228.97
2022-11-26 18:45:03 +0000
0 - 0 - 19 pemulihan-akun-facebook-co.weebly.com/ 199.34.228.53
2022-11-26 18:44:45 +0000
0 - 0 - 20 loginyourofficemessageoutlook.weebly.com/ 199.34.228.53

Last 1 reports on domain: thecacaoconnection.com

Date UQ / IDS / BL URL IP
2022-09-06 16:08:53 +0000
0 - 0 - 1 thecacaoconnection.com/ 199.34.228.70

No other reports with similar screenshot



JavaScript

Executed Scripts (63)


Executed Evals (2)

#1 JavaScript::Eval (size: 72, repeated: 1) - SHA256: 3421c3a2ecc23147c673489b7f93ffa2404a1e924643f20250dc45bf470ad76d

                                        ({
    usePlainJson: true,
    isDebug: false
})
//# sourceURL=data-dojo-config
                                    

#2 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3

                                        require('buffer').Buffer
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 158, repeated: 1) - SHA256: d1167e3b70947916f421c7e95057bdf8910f7ba485e3716107c9fa1cf6403437

                                        < !DOCTYPE html > < html > < head > < meta name = "viewport"
content = "width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" / > < /head><body></body > < /html>
                                    


HTTP Transactions (101)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 16:04:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zLYBKqsh3Ugbp--6EZutN2vmFcX_X6u_W7oTTT1Hm7InkQZAz7eZyA==
Age: 261


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Tue, 06 Sep 2022 17:10:51 GMT
Date: Tue, 06 Sep 2022 16:08:40 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.70
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 06 Sep 2022 16:08:40 GMT
Server: Apache
Location: http://www.thecacaoconnection.com/
Content-Length: 242
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   242
Md5:    d2f71fad8d1df889315bf9146f135b66
Sha1:   0805d00a0450e60b278c56cc272f2d40eec40157
Sha256: b8b7281917497ac8b34ea0f3810cadc970b4a60a85a87e07750a4b90bec1146e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QmA6chLxRtTTvLNiMclr9uNnkU3hJ8TIbVcWakN3zwBxodYrEDc2-g==
age: 53603
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 16:08:41 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.70
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 16:08:41 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.thecacaoconnection.com
Vary: X-W-SSL,User-Agent
Location: https://www.thecacaoconnection.com/
X-Host: blu105.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 386
Keep-Alive: timeout=10, max=72
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   386
Md5:    c58f4fb82a7b7d5cd00518384949c71d
Sha1:   0231d43442e6a1d74651a686b8266faffb9088c5
Sha256: 2f6489227a9c2be60565178beb82016cd7be6002b590a81c148c43c686da2067
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 15:38:18 GMT
Expires: Tue, 06 Sep 2022 16:34:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aCSUImiTgW2vxbodi_WdJW_G76vuglpiBLbPkkSxPEsW823Y27Cmbw==
Age: 1823


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6220
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:08:41 GMT
Last-Modified: Tue, 06 Sep 2022 14:25:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D0DB851E2B7EDEDB05A796A55B98C975769474E4B14A2B8BAA7D1A1C31B84C26"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Tue, 06 Sep 2022 22:08:40 GMT
Date: Tue, 06 Sep 2022 16:08:41 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UWosu2rnwBsSBivdVlUFUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.214.17.205
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N798bATO5/obTfEyM8FbORYf0B0=

                                        
                                            GET / HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Sep 2022 16:08:41 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.thecacaoconnection.com language=en; expires=Tue, 20-Sep-2022 16:08:41 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"57a68e5229cc5a22d4de3ef0a2feeb3b-gzip"
Content-Encoding: gzip
X-Host: grn141.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 18388
Keep-Alive: timeout=10, max=60
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (40878)
Size:   18388
Md5:    1cf443e0d74702c241af8e8326d72596
Sha1:   d139814b839ed67ab2891ab43dded4b90cdc163f
Sha256: a714973eb62f39c9cddabd844c08f239ef10c9a9a34b2d25084070a9f4474538
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/site/commerce-core.js?buildTime=1661444071 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 15:13:00 GMT
etag: "6307917c-f57e"
expires: Thu, 08 Sep 2022 16:15:09 GMT
cache-control: max-age=1209600
x-host: blu6.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 1036412
x-served-by: cache-sjc10025-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 1
x-timer: S1662480522.299371,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 17388
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32011)
Size:   17388
Md5:    e32a0ae988b9f1c9de6f0f70bfa0ffbd
Sha1:   c2e9ad2d183fa12c63df33521a919ad9eb0b44cb
Sha256: fb4389e623d2a4a9b1d7be60bb37b99e71294a39fbfee8f7d9db5f68f67d0ec8
                                        
                                            GET /js/site/main-commerce-browse.js?buildTime=1661444071 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 15:13:00 GMT
etag: "6307917c-f92d"
expires: Thu, 08 Sep 2022 16:15:09 GMT
cache-control: max-age=1209600
x-host: blu116.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 1036412
x-served-by: cache-sjc10081-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1662480522.299861,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16977
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32049)
Size:   16977
Md5:    15eaf839ff82242f8d02b1f60c073760
Sha1:   ed5886bbb71827073b52523683a95f0a051f8c40
Sha256: c484962adc762a7df4929e867d53141cebf339cc60e1c611b3b7bfa61e1aea7d
                                        
                                            GET /gtag/js?id=UA-161573962-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 16:08:42 GMT
expires: Tue, 06 Sep 2022 16:08:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   41829
Md5:    c4c61df1e239c0866553035fdc1e80fc
Sha1:   d417c0d0c37ad81b6450a242631c5cbb71b14cb0
Sha256: 5fd4ef428766a59ee245b6ad789ca6e6482c067e43580cded59203968198fe31
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1661444071 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 15:13:00 GMT
etag: "6307917c-8250f"
expires: Thu, 08 Sep 2022 16:15:09 GMT
cache-control: max-age=1209600
x-host: blu107.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 1036412
x-served-by: cache-sjc10074-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 1267, 1
x-timer: S1662480522.301805,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158930
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   158930
Md5:    f740fdfbcf394f270a9b176029fa6f37
Sha1:   5f20c49627104282744508eb0278d7185128532e
Sha256: 3021f0f944c9bd7c6e995601f25b3d970e0bd41f9a411f08b2871bb5415a8707

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/sites.css?buildTime=1661444071 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 15:12:36 GMT
etag: W/"63079164-347ac"
expires: Thu, 08 Sep 2022 16:14:57 GMT
cache-control: max-age=1209600
x-host: blu116.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 1036425
x-served-by: cache-sjc10030-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 42, 3
x-timer: S1662480522.310797,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /js/lang/en/stl.js?buildTime=1661444071& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 15:11:43 GMT
etag: "6307912f-2c44e"
expires: Thu, 08 Sep 2022 16:14:57 GMT
cache-control: max-age=1209600
x-host: blu81.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 1036425
x-served-by: cache-sjc10049-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 2
x-timer: S1662480522.306614,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32802
Md5:    40ee71f2f2de93b9561845efa9a0cbbc
Sha1:   13451e3fb165d1ad524d9863d8344eab4a2fe353
Sha256: 41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
                                        
                                            GET /js/site/main.js?buildTime=1661444071 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Fri, 26 Aug 2022 23:32:06 GMT
etag: "630957f6-74804"
expires: Mon, 12 Sep 2022 11:26:50 GMT
cache-control: max-age=1209600
x-host: blu119.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 708112
x-served-by: cache-sjc10048-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662480522.304544,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3551
Cache-Control: max-age=119388
Date: Tue, 06 Sep 2022 16:08:42 GMT
Etag: "63169207-1d7"
Expires: Thu, 08 Sep 2022 01:18:30 GMT
Last-Modified: Tue, 06 Sep 2022 00:19:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /files/main_style.css?1661458215 HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn79.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (697)
Size:   5407
Md5:    d2c5aa947cea56554e256fd89fed3063
Sha1:   a3b42db197c9a95669204b56fa9b50b3ab865ae7
Sha256: f1c1ae8acf0bb2ef4a2b6724469ba9593157fb034697cdee2861cd903870720f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.95
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2022 13:26:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Tue, 06 Sep 2022 09:19:32 GMT
ETag: W/"3d9302a8925f2a059e1dfa4fa9b9d42c"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kYpjrwtOIbHtOZO_8t7m25A2qE_nhNCmI1A9VhF5436MGFGi5hRMNw==
Age: 24551
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text, with very long lines (65526)
Size:   67300
Md5:    27e55fa66d35d6655bccc0cd7498b535
Sha1:   9557d26eeb85346035944477e33e5a2fb30c6a7c
Sha256: d7eaf18759148b288a9e5bc79821a3a0017e6400f8461a7c0ce0ce6c16c37644
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 09:37:50 GMT
expires: Sun, 03 Sep 2023 09:37:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 282652
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/theme/custom.js?1567076458 HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 18 Jan 2021 14:32:50 GMT
ETag: W/"6fcce021697b13e209247c749335d960"
x-amz-request-id: tx000000000000003db5b61-00616719b1-1ff7178-las
X-Storage-Bucket: zd0df
X-Storage-Object: d0df8b892221e49173334063a00f56e6e8e1fcfe0253540a1cf89bd49fb43ae3
X-Host: grn46.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1593
Md5:    74d9378aca52de5ca7a1843ee89f7a42
Sha1:   0c113c8ace5fe6ec17ff82f4a25ff0e98527b603
Sha256: 31292cde48b5de838ab6de09cac2201be29c601f98df1d4e4ab1f1a9eab46c9b
                                        
                                            GET /files/templateArtifacts.js?1661458215 HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu27.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (1630)
Size:   1632
Md5:    e0836e8203c22b8e4086f27e91e86f5a
Sha1:   28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
Sha256: 32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
                                        
                                            GET /files/theme/plugins.js?1567076458 HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Apr 2022 08:42:51 GMT
x-rgw-object-type: Normal
ETag: W/"4cf5477130f7311a5f0af1ecaf425ee4"
x-amz-request-id: tx000000000000001b8ea71-0062847bf2-b9fbc29-sfo1
X-Storage-Bucket: zb83c
X-Storage-Object: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
X-Host: blu44.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   18996
Md5:    80b977ddf918a1ff63f2350225772ca6
Sha1:   6fbc6b952295c565f67ea251eeb7a4c0cccd1c6a
Sha256: ca0e7374161e8f72ba8d049e4392e8785c6038763b1cba40726d15a87557d38d
                                        
                                            GET /js/beeketing.js?20220906 HTTP/1.1 
Host: sdk.beeketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 22 Apr 2021 10:19:49 GMT
If-None-Match: W/"60814dc5-53ef8"
TE: trailers

                                         
                                         104.21.91.43
HTTP/2 304 Not Modified
                                        
date: Tue, 06 Sep 2022 16:08:43 GMT
cache-control: max-age=300, public, s-maxage=300
cf-bgj: minify
cf-polished: origSize=343800
etag: "60814dc5-53ef8"
expires: Tue, 06 Sep 2022 16:10:42 GMT
last-modified: Thu, 22 Apr 2021 10:19:49 GMT
pragma: public
cf-cache-status: HIT
age: 181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygsLoUvxW%2F0CLwiZ917sYgIkq9skhBGBk0onagGUXYi%2Bi5KJMYqO9pBTPw7wUdc2Kbrufwvdddq%2Bs0mpd8VtlkdzgLGNnBFG00Qe82jSF5uxiNht4Vmo9dLM%2FnqX8yUL8IJbPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74687705bfbab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /wbl/js/sdk.js HTTP/1.1 
Host: widgetic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.80.216
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 16:08:43 GMT
content-length: 12544
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=86400
last-modified: Thu, 25 Aug 2022 13:08:46 GMT
etag: W/"9ba3-206806219"
content-encoding: gzip
x-varnish: 546752708
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 9827
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZIFBA1Utefz13A1ucxHKz1OJqg%2B%2FkzJyIHBE4bZsp5c6s9o2SEEm7UHZHoREaULCVtAjkrtQU0IZRjPjGX9MTsTVJrRWNQxrWHrMpdG%2FuUtBG%2F5XV6ERisSPZ5%2F%2FBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74687705d9e10b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39843), with no line terminators
Size:   12544
Md5:    5bdd2cee934171c2343f7f21451449e3
Sha1:   743c85150a83060195301232d33f82834a227cd6
Sha256: 1b13d4c0200b2c789a201bdfe4a3ec29e02c0c86384166f3ce5c2897348b9ae5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:21 GMT
expires: Thu, 31 Aug 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 506062
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 16:08:42 GMT
date: Tue, 06 Sep 2022 16:08:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23881
Md5:    5e6d97d5c871ffb5f938fad243230d99
Sha1:   9030ea9119e85b0818df826be4f2d06626cffaa4
Sha256: 994b9db9feb0729eb357187b8d5ab3c271bceb6ace4168e1d1b956f925f2ef2b
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 506075
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13035
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 16:08:43 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13035
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 16:08:43 GMT
Connection: keep-alive

                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 30 Aug 2022 19:50:08 GMT
etag: "630e69f0-124fe"
expires: Thu, 15 Sep 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:43 GMT
age: 459002
x-served-by: cache-sjc10034-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 4983
x-timer: S1662480523.280526,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 25752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 18:22:32 GMT
expires: Thu, 31 Aug 2023 18:22:32 GMT
cache-control: public, max-age=31536000
age: 510371
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size:   26100
Md5:    312bcfa92b0b0a09c3f404b2c662a0b6
Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
                                        
                                            GET /s/dancingscript/v24/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:57:36 GMT
expires: Fri, 01 Sep 2023 16:57:36 GMT
cache-control: public, max-age=31536000
age: 429067
last-modified: Mon, 11 Jul 2022 20:34:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 42404, version 1.0\012- data
Size:   42404
Md5:    68a0c578810054f9357521a1930f3eee
Sha1:   90243174fef8bbad60a3d45e07e1f3d19f29c490
Sha256: 44f79d6564067d847cea0ab32624f0db3a4a3a4a0daedee4e5efbad531c88fac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 506075
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 66250
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6656
Md5:    983e705542fa78b4d5c876e0c1eada7e
Sha1:   5fc951e5236edd282d4975853ca35dab2e55fb17
Sha256: fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 601102
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 41861
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   93971
Md5:    b0403914a12b431a223e48d0e8e9c0ce
Sha1:   bf71522d0abb4e5eb46c7805d50b140dd10d0429
Sha256: 856f7e9f053da3b64cf49b096e0087c4a69bde8d21b0df5a4b1434a756b13694
                                        
                                            GET /css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 16:08:42 GMT
date: Tue, 06 Sep 2022 16:08:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7002
Md5:    fa99ac7a505b6bbe5eb68e899e3eeadd
Sha1:   62f74636164f073cc187acba4b8b97ec964c313b
Sha256: 94b5e2d732cebb93ae13348a6e4320bbc3fcb5f6d4742d75a706cce6a5240781
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 65489
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7855
Md5:    8c23179b2131543088771e3fa84ff231
Sha1:   ae50ae4aecd962b698c19f2863857b51cea7fcec
Sha256: 660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 27217
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 01:28:50 GMT
expires: Sun, 03 Sep 2023 01:28:50 GMT
cache-control: public, max-age=31536000
age: 311993
last-modified: Fri, 24 Jun 2022 18:42:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27584, version 1.0\012- data
Size:   27584
Md5:    4b1ccde40f50e18ba65d8dd6c37b9568
Sha1:   c3207ebc1f717a9312ffd980ff2167ca2e48019f
Sha256: 8fbad22272f358d3e1a9e09a50761bd38b44cd558e3316d562e33804f9536a54
                                        
                                            GET /v3/m-outer-e52e635988f6f4658a329b4b948f1007.html HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.101
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-length: 186
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 06 Sep 2022 15:59:07 GMT
cache-control: max-age=31536000
etag: "e52e635988f6f4658a329b4b948f1007"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lewVcWkYG724ZNFoWX7Uy9AS4nzD9sjmYZG7pgB76KMMTFZ9VvPERA==
age: 590
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   62287
Md5:    46bd4c108f3db4b764b405037235cd01
Sha1:   4ac3b1e398cca6c6cd81f6dc01b9c07bfbfd79e8
Sha256: 19b061203406259dc9c104d873cced5867324d0e273b5577989cdfaf461a92c2
                                        
                                            GET /v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.101
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-length: 526
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Tue, 06 Sep 2022 16:07:45 GMT
cache-control: max-age=60
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: suEBhT_XGkdCF3pN9b5oK0pwHytCFRM-FgWXIa5uriZDqZgxHE8f4Q==
age: 59
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (526), with no line terminators
Size:   526
Md5:    d96c709017743c0759cf3853d1806ba5
Sha1:   72e21587610c49c8305a55e71f73fa88ed618205
Sha256: ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 11:18:07 GMT
Expires: Sat, 10 Sep 2022 11:18:06 GMT
Etag: "b3475b32236cadef3b8c1638b1aa53fba694187d"
Cache-Control: max-age=327562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746877072bbc0b4d-OSL


--- Additional Info ---
Magic:  data
Size:   5649
Md5:    7bbb4f5525fd68402de72ab78387c5f8
Sha1:   6610c8b90515a3ec2d1d79d26a6e04c1dcec44e1
Sha256: 0c4bb962feaddbc4ecbde0a9e6759ff17ee68abb6ced00d41785987e7822ae08
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 15:57:32 GMT
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
age: 671
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8134
Md5:    5540d72831e7e7b9fc287f92c48d9f5e
Sha1:   ec19429fa76d9ad47a0578734b011b530b79ebbf
Sha256: bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
                                        
                                            GET /inner.html HTTP/1.1 
Host: m.stripe.network
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.75
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Tue, 06 Sep 2022 16:05:04 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lfXxvhXzjN-rPqaAoqqMKoTxCEvj5WvIOdDLkzpLOO1nUBGXGqJutw==
age: 223
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Size:   930
Md5:    fc2e029628f163bb59adc6fa5a31161c
Sha1:   0f4547ae510d1bf36e3630d41bdab29d64c03d64
Sha256: a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
                                        
                                            GET /uploads/1/6/8/9/16899824/cacao-shaman-heart-main-crop_orig.jpg HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:43 GMT
Content-Length: 186202
Connection: keep-alive
Last-Modified: Sat, 10 Nov 2018 19:24:10 GMT
x-rgw-object-type: Normal
ETag: "126959d58e209552622f1376cc388282"
x-amz-request-id: tx000000000000021b0dc18-0062f6c272-bfe27ea-sfo1
X-Storage-Bucket: z2c25
X-Storage-Object: 2c25f22fd84edf2d1a690879d95e5e4c23b2073f4d838018529e5c46029b9297
X-Host: blu134.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Pixelmator 3.0, datetime=2016:10:19 23:10:15], progressive, precision 8, 1024x730, components 3\012- data
Size:   186202
Md5:    126959d58e209552622f1376cc388282
Sha1:   ba3422704471aa06062371a8e6136c2d00dfe4ee
Sha256: 2c25f22fd84edf2d1a690879d95e5e4c23b2073f4d838018529e5c46029b9297
                                        
                                            GET /npm/@widgetic/sdk/lib/sdk.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.7.10
x-jsd-version-type: version
etag: W/"c37e-Q0dXjLRTDHxVFcSCPxxV3knKM0c"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:43 GMT
age: 7933
x-served-by: cache-fra19180-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 15765
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (50046)
Size:   16733
Md5:    23e427b2266e4278c874594ad6c06998
Sha1:   40dec0c0c83fa89e51735ae50c0fd4949151735f
Sha256: 6d6c399975df3d653167896e02176e067dda9854e044f61e2191034fedc05021
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FCFE82DC8B11198ECE3C195C584C56CB55C22C70"
Expires: Wed, 07 Sep 2022 02:00:00 GMT
Last-Modified: Tue, 06 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3220
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74687708bafcb4fd-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    53bd8fb65409500fa67a5fde717e6792
Sha1:   da1a391f60248987d1ba2534bf4343cd24f9e6d4
Sha256: 9937f34e37b1b3245d55aeeb2dec8508cc1a2aaab97955685b752bb6c78dea28
                                        
                                            GET /antonioaversano/reviews?rows=1&columns=2 HTTP/1.1 
Host: bookeo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         192.155.93.150
HTTP/2 302 Found
                                        
date: Tue, 06 Sep 2022 16:08:43 GMT
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
location: https://www-151p.bookeo.com/bookeo/reviews_list.html?aguid=3151ULREKC14BC33B56C0&ctlsrc2=FI2JwG5dc5VfBE4LjRixali3AqnWk3oIQBmE7eAQwK8%3D&src=03b&rows=1&columns=2
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:08:43 GMT
Last-Modified: Tue, 06 Sep 2022 15:32:06 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: g_A5RiqhaDehSRZXs7aXJ2Wbx7XjjjCbcCjt1uvAin4vLCWzU2f2kw==
Age: 2197

                                        
                                            GET /css/old/fancybox.css?1661444071 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.46
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
last-modified: Thu, 25 Aug 2022 15:12:41 GMT
etag: "63079169-f47"
expires: Thu, 08 Sep 2022 16:18:02 GMT
cache-control: max-age=1209600
x-host: grn132.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Sep 2022 16:08:42 GMT
age: 1036239
x-served-by: cache-sjc10079-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 2
x-timer: S1662480522.314057,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 14:41:12 GMT
expires: Tue, 06 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 5251
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32011)
Size:   29004
Md5:    0bb206ca5b255de386c598d8d140226a
Sha1:   e3600294bf50d61ffc677c00c08ff5909b6a0371
Sha256: 68b4481e156d4ee12e9df144448155ddcf248d432937cfc5a88a4f7e98ca3405
                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Tue, 06 Sep 2022 14:17:11 GMT
expires: Tue, 06 Sep 2022 16:17:11 GMT
cache-control: public, max-age=7200
age: 6692
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en; _snow_ses.4e1b=*; _snow_id.4e1b=c6b8f820-a85e-474b-b7c6-9ab1316a1e06.1662480518.1.1662480518.1662480518.7924fa0c-14d5-4cf8-b627-bfee29c950b7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:43 GMT
Content-Length: 1406
Connection: keep-alive
Last-Modified: Tue, 29 Oct 2019 03:43:55 GMT
x-rgw-object-type: Normal
ETag: "4bc0e938416567494b8f8a8be44239be"
x-amz-request-id: tx00000000000001c5efc0f-0062ee050b-bfe27ea-sfo1
X-Storage-Bucket: z8b45
X-Storage-Object: 8b457f228839214983ea5384997d34e45cb1906da0fd3a4c048a5c5294ef9d5b
X-Host: blu13.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16\012- data
Size:   1406
Md5:    4bc0e938416567494b8f8a8be44239be
Sha1:   3b16320ebceed59603005bb95e77f4260356ecd7
Sha256: 8b457f228839214983ea5384997d34e45cb1906da0fd3a4c048a5c5294ef9d5b
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en; _snow_ses.4e1b=*; _snow_id.4e1b=c6b8f820-a85e-474b-b7c6-9ab1316a1e06.1662480518.1.1662480518.1662480518.7924fa0c-14d5-4cf8-b627-bfee29c950b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu107.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=36
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
                                        
                                            GET /uploads/1/6/8/9/16899824/background-images/391088568.jpg HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 06 Sep 2022 16:08:43 GMT
Content-Length: 447131
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 12:34:08 GMT
x-rgw-object-type: Normal
ETag: "b65a145c62078e100898a59993204780"
x-amz-request-id: tx0000000000000370bbc5a-006317708b-c0351c8-sfo1
X-Storage-Bucket: z4585
X-Storage-Object: 458569d5ef325d2d8a2615c452bafbb4f399db800430ae26feb7f5a1ebff8d1c
X-Host: grn84.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x1330, components 3\012- data
Size:   447131
Md5:    b65a145c62078e100898a59993204780
Sha1:   3a49e9d7d79b077fd916dcc71499ff5bf88e0de0
Sha256: 458569d5ef325d2d8a2615c452bafbb4f399db800430ae26feb7f5a1ebff8d1c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1384
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:08:44 GMT
Last-Modified: Tue, 06 Sep 2022 15:45:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.thecacaoconnection.com/
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.82.13.103
HTTP/2 200 OK
                                        
date: Tue, 06 Sep 2022 16:08:44 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.thecacaoconnection.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   45951
Md5:    21ebc1072590db8c549e83bae12b3a3c
Sha1:   f4208715d16f2a40471883952986131a20a12e5c
Sha256: bfca0e41ebba93caa6135046280351995af5da15c09cf84caa31d05d1c1e04bb
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart] HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en; _snow_ses.4e1b=*; _snow_id.4e1b=c6b8f820-a85e-474b-b7c6-9ab1316a1e06.1662480518.1.1662480518.1662480518.7924fa0c-14d5-4cf8-b627-bfee29c950b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 06 Sep 2022 16:08:43 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn123.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 2074
Keep-Alive: timeout=10, max=41
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2074), with no line terminators
Size:   2074
Md5:    c58d3bdb02389f378a0f56f57f45f6b9
Sha1:   770f10ecffb683182072609525c51ed7ef8578cd
Sha256: 6647ffb3e7ef913c8bfaf6458e2791c921f7a65bc3fbf3519284921d6486b0d1
                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1796
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.82.13.103
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 16:08:44 GMT
content-length: 2
server: nginx
set-cookie: sp=22fcdd4a-c968-4671-8a42-513d54dfc967; Expires=Wed, 06 Sep 2023 16:08:44 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.thecacaoconnection.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /bookeo/reviews_list.html?aguid=3151ULREKC14BC33B56C0&ctlsrc2=FI2JwG5dc5VfBE4LjRixali3AqnWk3oIQBmE7eAQwK8%3D&src=03b&rows=1&columns=2 HTTP/1.1 
Host: www-151p.bookeo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.thecacaoconnection.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.192.226.138
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Date: Tue, 06 Sep 2022 16:08:44 GMT
X-Bookeo-ResponseId: 151p_183138fa3f3
Strict-Transport-Security: max-age=31536000
Set-Cookie: AXIOMID=154wqnacjmzljw6a33i3nqos958415; Path=/; Expires=Wed, 07-Sep-2022 00:28:44 GMT; Max-Age=30000; Secure; HttpOnly; SameSite=None
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Language: en-US
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
Content-Length: 1600


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1600
Md5:    e1ce091ae6838c2281815e8deba69a03
Sha1:   2b4705e83db65f720a58fe0859af77dd0874ba82
Sha256: 5c4129976912e18845efcdf315cc2caeecba895910691101fd1e48890bec819f
                                        
                                            POST /6 HTTP/1.1 
Host: m.stripe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2296
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.34.194.100
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
server: nginx
date: Tue, 06 Sep 2022 16:08:44 GMT
content-length: 156
set-cookie: m=7b14bf17-fb0c-43ac-81f6-fc5eb70e211e10d2b1;Expires=Thu, 05-Sep-2024 16:08:44 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   156
Md5:    6dd37df813bac0a1c5b892a2e3e26ffe
Sha1:   f3d6d16b479914f19bf1b50d1a76d8524855df59
Sha256: db4967f3f4ed89b86e7fab0c6410d35d563b8879c3dd7154336941f2695a98e5
                                        
                                            GET /subscribe/form-settings?u=d223fcb3f8e743c9a31dbbf89&id=3a48cfb1de&u=d223fcb3f8e743c9a31dbbf89&id=3a48cfb1de&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1 
Host: mc.us8.list-manage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.24.122
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
content-length: 1226
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 620
cache-control: max-age=290
expires: Tue, 06 Sep 2022 16:13:34 GMT
date: Tue, 06 Sep 2022 16:08:44 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.c93612e5e5ecc8025f601ec9de164cf8.cca8c7172e6372b7bc3bd6fff4d68ef1ba0cb305cdbb41c09a48509043e8d2c7; expires=Wed, 06-Sep-2023 16:08:44 GMT; Max-Age=31536000; path=/ _mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ _abck=A9389707031D506D3C8E1C3BC302877F~-1~YAAQrU0kFz6IWvyCAQAAAaWPEwi4jzUeFjix6tHVCXSWhs9xw0En0eGtJApXb1E1zRKt1MHs9hWHI2vfujL9O/YsRmaSXXYsPlt2PinVwCgsUhLiOtJFhPsYBtmtyW2Jvd9yFusylX1QklgEQnRpvrW6Nlj/kCsnZ8PFnKBro7BXL/SEnP7/OrrPgMbtPdtuPTeHND4yvdTA97nf7L27MGrH5mO2atbPhX0OpR35YKK/NfVGpE0As2iIyFaxjgjvQ+xpk5YTOgQEvykuAdZI4fcuroR26ZCb/GJyQ7WVrPSVNbCWCwgtj9qtKrswllDK2s5fzZbfLq/dPvFktPEg9ZbnhyyW1y569+He2rOJb5DrWEDa6HXOAE4MlPFN+aw8dA==~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Wed, 06 Sep 2023 16:08:44 GMT; Max-Age=31536000; SameSite=None; Secure ak_bmsc=CC919A2244EE6A67A5D7370460EF5216~000000000000000000000000000000~YAAQrU0kFz+IWvyCAQAAAaWPExEkFc8rDvwQr2UK/MEBp64N84klzLwO5O4DBqTnnzPDtOree/cC2Iim6/XG7VdbyuUrQZgallpntZrV6N9NAJbU9SUgHZJXexYh2BaPReHMdipHEp5eR59NiJT8LE18wD+LDc4+LTs6dwrnb7L+3IAHVyOSQ2d7tlu9NxX5INk5bcHB25UOBA2Kl9iQ4++b3f5QCr+xBH+SZRXgN9mDJ5KOgCx7LUrhrD8l3ki9FpRfYzxN+KEWWxw2QEd+3f0Oj7198vkLZszfJIaCaS4k/nyrztl+uAz/aFK2maVpO5Fk4gosg8S1aEyCfsRk00VmDRl0yiMrj0PqwgbMtKqf3Yi6J5c2Jv9Q9e64eU7Zan0YTy0mLbcCALu6rduYmf5v; Domain=.us8.list-manage.com; Path=/; Expires=Tue, 06 Sep 2022 18:08:43 GMT; Max-Age=7199; SameSite=None; Secure; HttpOnly bm_sz=2374046AE0BDE79C86F0181826A0DF67~YAAQrU0kF0CIWvyCAQAAAaWPExGI7ax8DJlEMOf8hEDQQQolMvr7D4jHe3ySWQoR++4BDnFFVHXrGsZHKk7bHJYrY+flYGHiCAyZbiEUDrl3H8+AsYqj1GRqEGX5NzK6oV2n+Argt2O62WdZJbWwJGGDzI7qS28CxSXEUM13LE812WisNUD1SPHp0fcQ+YFaa4m6SAyyfj2xxDZCmMMPSl/uICdEKRaNTtF66PZrZKU53z4b8PloagjcUuDDVOMH7rDqMogEisJ8ACJycqBUvljYq7KO4GUEAXRTY0Bj3VOsCClOMHoO9A==~4408118~3621430; Domain=.list-manage.com; Path=/; Expires=Tue, 06 Sep 2022 20:08:43 GMT; Max-Age=14399; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2653), with no line terminators
Size:   1226
Md5:    f7c2221b9052d2188af3e3328abdde25
Sha1:   fd15839c002abe2cf9716381b72c19357056b411
Sha256: a32ed749bae9463c201f4fc6151243f9aa69b6a5efebdde73b2c09543dead36d
                                        
                                            GET /js/signup-forms/popup/unique-methods/079edf446cb10dc5225dfe31714cd182fefedaf3/popup.js HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.95
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 05 Sep 2022 19:12:53 GMT
ETag: W/"fb8bd57028aa5fdb4ef666437e4717f7"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a02fa7beRBtBIN3W7_tIIaYm3mHMDXP-IEUzWLAUcACLXxjJDXo6Nw==
Age: 75352
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text, with very long lines (65526)
Size:   30974
Md5:    d88472e454a8ff75b47bbad97b0a5fc6
Sha1:   b7be4dc841c80b2ae9ff9db7f79dc9ea9cc46324
Sha256: 9397d6dc78066c63fcc9605c3825c76fd79b2c49ee509e6f6eadd2426eb15299
                                        
                                            GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/common.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.95
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Sep 2022 19:53:42 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7ItDxuzyCVeOZ4JUVvdOPtDSa9tBaNy1mo8-BaAUqcz7buHJKJJN2w==
Age: 72903
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   2603
Md5:    5e4789e49ab7f14e47d25f6d47c3d2ac
Sha1:   2365e3104a719fb8b01dc4f0e24b727002374585
Sha256: 32fc8a30611eebc0b9e794adc8a0b505b61c4ad088d3fae7459657a6716ffc72
                                        
                                            GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/banner.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.95
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Sep 2022 19:50:49 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BMNktRNzmtI1dVzgLEKYeFLUu1EnrNO3xJ0h79KedKp71xbjkSszIA==
Age: 73076
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   460
Md5:    e765f22f0baed2d07e209cf894da2342
Sha1:   4acfd7bd758e265e069f4c573ff1001ce9825e11
Sha256: 341803c8d7e82655d0acd7b1ad2b03acfdf2ed22018db6f6e7be0c46d5183619
                                        
                                            GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/layout-2.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.95
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Sep 2022 19:10:33 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XeUbgIWSL1Yn8AE_TXuqX6iU4LGdf-c5WJcDdSWQpkUBFKI5o--F6g==
Age: 75492
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   455
Md5:    cf00c7e6b7868062bf758deaa7b83864
Sha1:   cff15cad13c248593f1810ca4ee885e1c883c684
Sha256: 0557ff79eeacb19e8553149dd9c71e906d41f4646cb88005fc08df4ee485a5d4
                                        
                                            GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/modal.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.95
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Sep 2022 23:24:32 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SkNvRbS97wcN8cII8HyGsmJcvdRuinN8bDfaF-cqvj3OO48q6P84lw==
Age: 60253
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   945
Md5:    cff4710f863e85980b11cdc1a67e45e5
Sha1:   272b6b68af6d70bd7e1b69b251ac5821cf3daa25
Sha256: 8a3b8e717762c3e251de403a2f6b06da68e2fce957e10474b0a75c1f610799c3
                                        
                                            GET /bookeo/css-13.2.33/customerui2/bundle_customer_ui2.css?bp_a=3151ULREKC14BC33B56C0&bp_v=0 HTTP/1.1 
Host: www-151p.bookeo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www-151p.bookeo.com/
Connection: keep-alive
Cookie: AXIOMID=154wqnacjmzljw6a33i3nqos958415
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         104.192.226.138
HTTP/1.1 200 OK
Content-Type: text/css;charset=utf-8
                                        
Date: Tue, 06 Sep 2022 16:08:44 GMT
X-Bookeo-ResponseId: 151p_183138fa4ad
Strict-Transport-Security: max-age=31536000
Expires: Wed, 30 Aug 2023 08:14:48 GMT
Cache-Control: public, max-age=7776000, no-transform
Last-Modified: Wed, 31 Aug 2022 08:14:48 GMT
Content-Encoding: gzip
Content-Length: 37981


--- Additional Info ---
Magic:  ASCII text, with very long lines (65350), with CRLF line terminators
Size:   37981
Md5:    9470b5f70ec8bdf59a723df19e5493f4
Sha1:   4454a2d6bd43fb63443be34d3585474c02d8bbdf
Sha256: adbf3cfc80bba9646dac68419f1ad0b89bf1a99a182ca2483a25cf19ddadd337
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www-151p.bookeo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 27463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /bookeo/simg-ui3/next.gif HTTP/1.1 
Host: www-151p.bookeo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www-151p.bookeo.com/
Connection: keep-alive
Cookie: AXIOMID=154wqnacjmzljw6a33i3nqos958415
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         104.192.226.138
HTTP/1.1 200 OK
Content-Type: image/gif;charset=utf-8
                                        
Date: Tue, 06 Sep 2022 16:08:44 GMT
X-Bookeo-ResponseId: 151p_183138fa685
Strict-Transport-Security: max-age=31536000
Expires: Wed, 30 Aug 2023 08:14:48 GMT
Cache-Control: public, max-age=7776000, no-transform
Last-Modified: Wed, 31 Aug 2022 07:43:33 GMT
Accept-Ranges: bytes
Content-Length: 854


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   854
Md5:    6bd411802aa6f845789851a63d443b5f
Sha1:   e370b0752fc232af5ac2629e5380c7a644c4588e
Sha256: c8757a4613153d0b78f8642ca4351d7213480b12d09230dfc58d1b7963351120
                                        
                                            GET /bookeo/css-13.2.33/customerui2/cssfonts/emu.ttf HTTP/1.1 
Host: www-151p.bookeo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www-151p.bookeo.com/bookeo/css-13.2.33/customerui2/bundle_customer_ui2.css?bp_a=3151ULREKC14BC33B56C0&bp_v=0
Cookie: AXIOMID=154wqnacjmzljw6a33i3nqos958415
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         104.192.226.138
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Sep 2022 16:08:45 GMT
X-Bookeo-ResponseId: 151p_183138fa703
Strict-Transport-Security: max-age=31536000
Expires: Wed, 30 Aug 2023 08:14:48 GMT
Cache-Control: public, max-age=7776000, no-transform
Last-Modified: Wed, 31 Aug 2022 07:43:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
Content-Length: 11612


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, emu \012- data
Size:   11612
Md5:    e7dacb99ea4507d3680d7ffb819b57e8
Sha1:   ab1f5d9d39f288f64031dab20d87b50817995d6a
Sha256: f66cf2247fd1efe88f648b3375c0a224d677b3eb165c35853c0d376af2d48ba5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2829
Cache-Control: max-age=108560
Date: Tue, 06 Sep 2022 16:08:45 GMT
Etag: "63166a90-1d7"
Expires: Wed, 07 Sep 2022 22:18:05 GMT
Last-Modified: Mon, 05 Sep 2022 21:30:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /plugins/like.php?href=https://www.facebook.com/thecacaoconnection&width&layout=standard&action=like&show_faces=true&share=true&height=80 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgetic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: OGOalVW7eQQdegEbmBCPP1nxM9KH/vUmpuT4PEvyWmtQ93uI/Yz5Rz4B9qIpke456sm3Zun3UXBKYOPeEpzAZg==
content-length: 0
date: Tue, 06 Sep 2022 16:08:45 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4919
Md5:    cacae7402da3e20faf444a550583f535
Sha1:   33236d87761deeb82ba93331d1d5977f09dbf34e
Sha256: c19604924e1cde84e378c724bfcd4a45987a7aa84a41ac00c181f795ab946f28
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2829
Cache-Control: max-age=108560
Date: Tue, 06 Sep 2022 16:08:45 GMT
Etag: "63166a90-1d7"
Expires: Wed, 07 Sep 2022 22:18:05 GMT
Last-Modified: Mon, 05 Sep 2022 21:30:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   4214
Md5:    198d24701c8956b845a6304d09e7acb3
Sha1:   9cee396153435b515240378ddab7c0e18caa931f
Sha256: f5a090345a08255f33087c76c4bf5a4dac4638cacebbb84c7e15452581c3a3ca
                                        
                                            POST /ajax/api/JsonRPC/Membership/?Membership[Member::get_account_information] HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en; _snow_ses.4e1b=*; _snow_id.4e1b=c6b8f820-a85e-474b-b7c6-9ab1316a1e06.1662480518.1.1662480518.1662480518.7924fa0c-14d5-4cf8-b627-bfee29c950b7; _ga=GA1.2.997752067.1662480518; _gid=GA1.2.1759495841.1662480518; _gat_gtag_UA_161573962_1=1; __stripe_mid=ea9fe1f1-c4ef-41d9-afe7-23e3cfbc8b67112f36; __stripe_sid=25755b9c-a66b-49a2-b44e-d88716d9f41c6ec65b; distinct_id=10212568_1662480519576_4852
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 06 Sep 2022 16:08:45 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: site_session=6317708d574b10.81415137; path=/ language=en; expires=Tue, 20-Sep-2022 16:08:45 GMT; Max-Age=1209600; path=/
X-Host: blu42.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 186
Keep-Alive: timeout=10, max=66
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   3749
Md5:    522808df8a06d90815164f7361555d3f
Sha1:   33705d722fbe4f6d62808c9c8570dc1dbe9022c0
Sha256: de3a32e1fa311212592f324025ddacca427ddab6ead8538efa9e0100953dfb3b
                                        
                                            POST /ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getShoppingCart] HTTP/1.1 
Host: www.thecacaoconnection.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Cookie: is_mobile=0; language=en; _snow_ses.4e1b=*; _snow_id.4e1b=c6b8f820-a85e-474b-b7c6-9ab1316a1e06.1662480518.1.1662480518.1662480518.7924fa0c-14d5-4cf8-b627-bfee29c950b7; _ga=GA1.2.997752067.1662480518; _gid=GA1.2.1759495841.1662480518; _gat_gtag_UA_161573962_1=1; __stripe_mid=ea9fe1f1-c4ef-41d9-afe7-23e3cfbc8b67112f36; __stripe_sid=25755b9c-a66b-49a2-b44e-d88716d9f41c6ec65b; distinct_id=10212568_1662480519576_4852
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         199.34.228.70
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Tue, 06 Sep 2022 16:08:45 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Set-Cookie: language=en; expires=Tue, 20-Sep-2022 16:08:45 GMT; Max-Age=1209600; path=/
X-Host: blu86.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 184
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   12427
Md5:    4ec401c8ad4929905fc69548dd6d6fb6
Sha1:   7b08c6f2887757c49a4c010566333ff3aea8c6cb
Sha256: 8f6ef0f2065d11a6996d4433cae9d977567d4fcac4b9cab45ffd8196ae1096b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 65330
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   42869
Md5:    db8daf99e19433939b26718ea40e48fd
Sha1:   d79b870a17bf736e4cfce13244a4e72bbc52841a
Sha256: e7e6c8e12136d72a364f197532c73865c0fe49259f2efcf0f743b8bc22dd502b
                                        
                                            GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 16:08:42 GMT
date: Tue, 06 Sep 2022 16:08:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Dancing+Script:400,700&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 16:08:42 GMT
date: Tue, 06 Sep 2022 16:08:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /out-4.5.42.js HTTP/1.1 
Host: m.stripe.network
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.75
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
date: Tue, 06 Sep 2022 16:04:04 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oUdqMAkWVnnzFTVYypWHKq7tjWTjSjm1TYuk1jaIrqvwTmysjEMQuQ==
age: 281
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/beeketing.js?20220906 HTTP/1.1 
Host: sdk.beeketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.91.43
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 16:08:43 GMT
cache-control: max-age=300, public, s-maxage=300
cf-bgj: minify
cf-polished: origSize=343800
etag: W/"60814dc5-53ef8"
expires: Tue, 06 Sep 2022 16:10:42 GMT
last-modified: Thu, 22 Apr 2021 10:19:49 GMT
pragma: public
cf-cache-status: HIT
age: 181
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4lbzWD6Zag0h7m%2Fg7ULO3CbEH5Dr9YNBPQz%2Be8dyaWpUIDm0Xi%2FINAuZOPT4nEKk5k0WiYbCVFzkzC54ZWLaidXFnzjuZGd2e8VWY0x5BdD8I1UiZ3%2F3JH2Z%2BVZuPP6QYNhFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746877056f67b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v1/feature-switch/get-data/frontend/10212568 HTTP/1.1 
Host: gapi.beeketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.thecacaoconnection.com
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.91.43
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 06 Sep 2022 16:08:45 GMT
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.thecacaoconnection.com
cache-control: public, max-age=300, stale-while-revalidate=60, stale-if-error=60
etag: W/"YVDAJBPJQMCYORVSLKEM"
x-proto-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv3xbFE9KUIWPxIbhwWBmiGru96n2z0Ktv%2FardJSFCVqxT85t%2FHP90e0QtupdcIh7g%2FGGkJer4zm9JKoFJXmlMjazwgxwjF1Am%2BGF0LHAk%2FpJFKx0kCx6xSpEA57TRFTKtgxtBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74687712c8931c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wbl/app/53f6253e09c7e204038b4567?wbl[wid]=9b0f9cdd-3a90-413f-8772-2bf0e78fb570&wbl[uid]=16899824&wbl[sid]=545251651309897158&prod&autoscale= HTTP/1.1 
Host: widgetic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.thecacaoconnection.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.80.216
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
date: Tue, 06 Sep 2022 16:08:43 GMT
location: https://widgetic.com/api/v2/compositions/5d7885e0ecb2a1db108b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.thecacaoconnection.com
x-powered-by: Express
cache-control: private, no-cache
vary: Accept
x-varnish: 704519958
age: 0
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsDT2e72JPAuOiz8KpqbyWs7ynwgeV%2BdGCO0%2BhW1E9ac6Gte1lYYcQQH7I9pd3g1wSL1ElU8jiUmb%2Bl%2BOsOR11W6nHPS5v7qq%2BhXhUL7nXCImQMnlKzAS%2BB9qsZfjGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74687705fa230b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---