structuralnc.formstack.com/forms/hr_admin
52.85.243.11200 OK 160 kB URL User Request GET HTTP/2 structuralnc.formstack.com/forms/hr_admin
IP 52.85.243.11:443
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Size 160 kB (160193 bytes)
Hash 84c2f2f513a8e4c3b417660f3b4b23d5
9e9d1b471d74af220f4d96632cdec771dac9f42b
c7b86d9e71d550a24a9937e6e4063749b2244f836da71cb3ff051f35fc8f7f06
GET /forms/hr_admin HTTP/1.1
Host: structuralnc.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: CloudFront
content-type: text/html; charset=UTF-8
date: Fri, 26 Apr 2024 11:57:07 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: PHPSESSID=auv6u1c260ik9mja88kgvtmt0c; path=/forms/; secure; HttpOnly
expires: Fri, 26 Apr 2024 11:57:12 GMT
cache-control: public, max-age=5, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Bc2bufBIWcJK09sY5HwUQ4T30X6hZ2dzhvN_SE2d5aaZuBeqnsfPHw==
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.formstack.com/forms/forms-renderer/builds/public/form_a4a2b3232e.js
52.85.243.11200 OK 588 kB URL GET HTTP/2 static.formstack.com/forms/forms-renderer/builds/public/form_a4a2b3232e.js
IP 52.85.243.11:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65474)
Size 588 kB (587794 bytes)
Hash a4a2b3232e0f32b8eb57fbf0a753aaa8
d9659727a51ba49038e87933f8845bc43c644ce4
0384bc9859e78c4771686c2afd488b87f82262f6f083438ed30be052aa5b623d
GET /forms/forms-renderer/builds/public/form_a4a2b3232e.js HTTP/1.1
Host: static.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: CloudFront
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 17:51:29 GMT
last-modified: Thu, 25 Apr 2024 17:48:55 GMT
etag: W/"662a9787-2593b0"
cache-control: public, s-maxage=86400
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: e51u3b6sHD0t-mVyMQEy2YiuRAE_2Sq2NS_iF___oAlHzmWKZ6BfvQ==
age: 65138
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://structuralnc.formstack.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:59:27 GMT
expires: Sat, 26 Apr 2025 05:59:27 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 21461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://structuralnc.formstack.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 15:44:03 GMT
expires: Fri, 25 Apr 2025 15:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 72785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
structuralnc.formstack.com/live-form/analytics/5741369/firstView
52.85.243.11200 OK 200 B URL POST HTTP/2 structuralnc.formstack.com/live-form/analytics/5741369/firstView
IP 52.85.243.11:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type HTML document, ASCII text, with no line terminators
Hash 3437aaddcdf6922d623e172c2d6f9278
f69066cf20141ac93418102d3eee7c0225b8a623
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
POST /live-form/analytics/5741369/firstView HTTP/1.1
Host: structuralnc.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: xmlhttprequest
Content-Length: 23
Origin: https://structuralnc.formstack.com
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/forms/hr_admin
Cookie: _dd_s=rum=0&expire=1714133528370
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: CloudFront
content-type: application/json
date: Fri, 26 Apr 2024 11:57:08 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: fsBrowserSessionId=662b9694d6ffa6.08159553; path=/; secure; HttpOnly; SameSite=Lax
access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: public
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: sameorigin
x-cache: Miss from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: XPRpUj05biBc8XJvwl4TjfbUecatsfPCUW6veRRsR-Dj7Xnp0EoGFA==
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.formstack.com/images/favicon/favicon.ico
52.85.243.11200 OK 2.6 kB URL GET HTTP/2 www.formstack.com/images/favicon/favicon.ico
IP 52.85.243.11:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 48x48, 16 colors, 4 bits/pixel, 32x32, 16 colors, 4 bits/pixel
Hash ed1e64b00b11efd900c271939264e186
1a298a688e82401d920442f22077563b7cd62dda
fb24186682efe5c3974d65d9448494158ad474d09a754008f43ed7648accf225
GET /images/favicon/favicon.ico HTTP/1.1
Host: www.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: CloudFront
content-type: image/x-icon
content-length: 2614
date: Thu, 25 Apr 2024 17:51:51 GMT
last-modified: Thu, 25 Apr 2024 15:23:22 GMT
etag: "662a756a-a36"
cache-control: public, s-maxage=86400
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: gcHbUXjyxaufSzpEQ9-uGEckAJ3rH8xiKofBVMaUYKhFrpSCFfWG1g==
age: 65118
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
54.230.111.74200 OK 526 B URL GET HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
IP 54.230.111.74:443
Requested by https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fstructuralnc.formstack.com%2Fforms%2Fhr_admin&title=HR-ADMIN%20-%20Formstack&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (526), with no line terminators
Hash d96c709017743c0759cf3853d1806ba5
72e21587610c49c8305a55e71f73fa88ed618205
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 526
last-modified: Mon, 22 Apr 2024 20:08:55 GMT
accept-ranges: bytes
server: Cloudfront
date: Fri, 26 Apr 2024 11:36:13 GMT
cache-control: max-age=31536000
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
age: 1258
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -gkjKTMplAQ7QueY3nVq7H_Jx7p9B6-z9rchr9P0Xl5XoGBR12uI7A==
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.0.176 540 B URL m.stripe.network/inner.html
IP 151.101.0.176:0
File type HTML document, ASCII text, with very long lines (930), with no line terminators
Hash 06bfcd88af438673a8bf9b845a11aa6e
d024a745032cbe115526abe648d9fa0f0a10a681
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 11:57:09 GMT
via: 1.1 varnish
age: 189
x-request-id: 8b82bf3d-59e4-4865-92ca-7d5a8fbc8751
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 390
x-timer: S1714132629.176456,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 540
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.43.js
151.101.0.176200 OK 16 kB URL GET HTTP/2 m.stripe.network/out-4.5.43.js
IP 151.101.0.176:443
Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fstructuralnc.formstack.com%2Fforms%2Fhr_admin&title=HR-ADMIN%20-%20Formstack&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 69cb7809b5011312e716f29b3d19dce6
833dabfb546d57065aeba7190b5ee5a2428dfa47
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
GET /out-4.5.43.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 11:57:09 GMT
via: 1.1 varnish
age: 224
x-request-id: df3f6d13-031e-4858-830e-323fa8bdcfa6
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 463
x-timer: S1714132629.286904,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 15509
X-Firefox-Spdy: h2
m.stripe.com/6
44.237.131.121200 OK 156 B IP 44.237.131.121:443
Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fstructuralnc.formstack.com%2Fforms%2Fhr_admin&title=HR-ADMIN%20-%20Formstack&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate IssuerDigiCert Inc
Subjectm.stripe.com
Fingerprint1F:77:3A:2D:0A:6F:20:07:BB:34:22:BC:B6:D0:39:6D:93:AC:D5:DB
ValidityTue, 16 Apr 2024 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT
Hash 70f26d63db12510b3e069357cdbee5f9
fd706208db55212d46dfa9fa8adb51ea32466ccd
7ae4560705681b3c00fe42ef84527a670a0d1ce600b6689e17a1c54b67b22427
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3192
Origin: https://m.stripe.network
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 11:57:10 GMT
content-length: 156
set-cookie: m=47983572-5a51-4ebd-b85e-ffaffa9d64e26d3037;Expires=Sun, 26-Apr-2026 11:57:10 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1714132630079921
x-stripe-server-envoy-upstream-service-time-ms: 2
x-envoy-attempt-count: 1
x-stripe-bg-intended-route-color: green
x-stripe-client-envoy-start-time-us: 1714132630079429
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
m.stripe.com/6
44.237.131.121200 OK 156 B IP 44.237.131.121:443
Requested by https://m.stripe.network/inner.html#url=https%3A%2F%2Fstructuralnc.formstack.com%2Fforms%2Fhr_admin&title=HR-ADMIN%20-%20Formstack&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate IssuerDigiCert Inc
Subjectm.stripe.com
Fingerprint1F:77:3A:2D:0A:6F:20:07:BB:34:22:BC:B6:D0:39:6D:93:AC:D5:DB
ValidityTue, 16 Apr 2024 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT
Hash 70f26d63db12510b3e069357cdbee5f9
fd706208db55212d46dfa9fa8adb51ea32466ccd
7ae4560705681b3c00fe42ef84527a670a0d1ce600b6689e17a1c54b67b22427
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 668
Origin: https://m.stripe.network
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/
Cookie: m=47983572-5a51-4ebd-b85e-ffaffa9d64e26d3037
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 11:57:13 GMT
content-length: 156
set-cookie: m=47983572-5a51-4ebd-b85e-ffaffa9d64e26d3037;Expires=Sun, 26-Apr-2026 11:57:13 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1714132633411424
x-stripe-server-envoy-upstream-service-time-ms: 2
x-envoy-attempt-count: 1
x-stripe-bg-intended-route-color: green
x-stripe-client-envoy-start-time-us: 1714132633411074
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
structuralnc.formstack.com/live-form/analytics/5741369/touch
52.85.243.11200 OK 7.7 kB URL POST HTTP/2 structuralnc.formstack.com/live-form/analytics/5741369/touch
IP 52.85.243.11:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash 954b7b395f5bc24e32053e3c387f640e
34844e75825dc521617e86486aba82c9150c2cb2
69fbf49684e3f0554bd2bec9d9ee882846ad44c88feed048277d72e89698a433
POST /live-form/analytics/5741369/touch HTTP/1.1
Host: structuralnc.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: xmlhttprequest
Content-Length: 25
Origin: https://structuralnc.formstack.com
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/forms/hr_admin
Cookie: _dd_s=rum=0&expire=1714133528370; fsBrowserSessionId=662b9694d6ffa6.08159553; __stripe_mid=a80e8214-f78a-40dd-b2e0-94bdf58595ada07579; __stripe_sid=7287874d-a3b1-4222-964f-3982646b6805679cd3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: CloudFront
content-type: application/json; charset=UTF-8
date: Fri, 26 Apr 2024 11:57:14 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache, no-store, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: sameorigin
x-cache: Miss from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: MtEX4qplcMWqAQHUPxWa--4LK03ET5FXB2FzUdtkLDHDW7GpLnhNpw==
x-content-type-options: nosniff
X-Firefox-Spdy: h2
structuralnc.formstack.com/live-form/analytics/5741369/bottleneck
52.85.243.11200 OK 6.2 kB URL POST HTTP/2 structuralnc.formstack.com/live-form/analytics/5741369/bottleneck
IP 52.85.243.11:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 1c966c07d2abda1ef5c1fce1cbef8cae
2c532649f3a5463ed2d5b9beacb26a193ee65ac4
9a128878afa29d5d57b8530c6ce830ce1c9aa89811518cc566ef2652f1beeffd
POST /live-form/analytics/5741369/bottleneck HTTP/1.1
Host: structuralnc.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: xmlhttprequest
Content-Length: 80
Origin: https://structuralnc.formstack.com
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/forms/hr_admin
Cookie: _dd_s=rum=0&expire=1714133535797; fsBrowserSessionId=662b9694d6ffa6.08159553; __stripe_mid=a80e8214-f78a-40dd-b2e0-94bdf58595ada07579; __stripe_sid=7287874d-a3b1-4222-964f-3982646b6805679cd3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: CloudFront
content-type: application/json
date: Fri, 26 Apr 2024 11:57:16 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-headers: *
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: public
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: sameorigin
x-cache: Miss from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 1AZzp0jMyih6in9R5YtywyeyBkRpRxHVUIWLT2ejKF89odE2rMu50g==
x-content-type-options: nosniff
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
54.230.111.74200 OK 200 B URL GET HTTP/2 js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
IP 54.230.111.74:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text, with no line terminators
Hash 17d1120334cb0cb3cd8a62fc03671010
b40ef341ad651dcdb89d6a510fe324a79e18fc37
b37c9e71ffd7587b59be57d9644c546deae50598348d3f057ef3e971d2d7285c
GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Mon, 22 Apr 2024 20:08:56 GMT
accept-ranges: bytes
server: Cloudfront
date: Fri, 26 Apr 2024 11:28:27 GMT
cache-control: max-age=31536000
etag: "3437aaddcdf6922d623e172c2d6f9278"
vary: Accept-Encoding
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
age: 1731
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hjQLdkeBeI1rLdlgNebdC8XtyZ3Fo0zHV0U9hgXjfJ_7H7YEMtCg8w==
X-Firefox-Spdy: h2
js.stripe.com/v3
54.230.111.74200 OK 619 kB IP 54.230.111.74:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Size 619 kB (619110 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 25 Apr 2024 20:46:59 GMT
server: Cloudfront
content-encoding: br
date: Fri, 26 Apr 2024 11:57:04 GMT
cache-control: max-age=60
etag: W/"ab703f8a4e4b3f86bcbaa07728267fcd"
vary: Accept-Encoding
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
age: 8
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YH3Fc-tpluE-N1KQ2vu6vmQxuKN36jMEPvoYfSJWvI--t9k1QgV6Ug==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700
142.250.74.106200 OK 1.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,700
IP 142.250.74.106:443
Requested by https://structuralnc.formstack.com/forms/hr_admin
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type ASCII text, with very long lines (1474), with no line terminators
Hash 73d13bdd1ab78f594cb774a9319a64f2
b998b7afc14655aed45dbdd4120eda96a2aa4427
5645753d1916f250c3f7c8658a2616db7c616ae6ec7d1dc0e3f9f1a2bb7ab47a
GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 11:57:08 GMT
date: Fri, 26 Apr 2024 11:57:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.0.176200 OK 930 B URL GET HTTP/2 m.stripe.network/inner.html
IP 151.101.0.176:443
Requested by https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fstructuralnc.formstack.com%2Fforms%2Fhr_admin&title=HR-ADMIN%20-%20Formstack&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (950), with no line terminators
Hash f965fbd577896cec85e53f8723dd00c1
8f1efde6d3060695e8c4b15570dcc602d5217836
8203a3820f68e42441db1690aee0059757efb30a2862add5dd250f106f1a08e2
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 11:57:09 GMT
via: 1.1 varnish
age: 189
x-request-id: 8b82bf3d-59e4-4865-92ca-7d5a8fbc8751
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 390
x-timer: S1714132629.176456,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 540
X-Firefox-Spdy: h2
structuralnc.formstack.com/forms/index.php
52.85.243.11302 Found 0 B URL User Request POST HTTP/2 structuralnc.formstack.com/forms/index.php
IP 52.85.243.11:443
Certificate IssuerAmazon
Subject*.formstack.com
FingerprintFF:49:D3:6E:54:EB:95:A8:21:C5:C5:D4:88:5D:50:EF:5D:1B:EC:E3
ValiditySun, 18 Feb 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /forms/index.php HTTP/1.1
Host: structuralnc.formstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------271759053611470967104023761446
Content-Length: 2241
Origin: https://structuralnc.formstack.com
DNT: 1
Connection: keep-alive
Referer: https://structuralnc.formstack.com/forms/hr_admin
Cookie: PHPSESSID=auv6u1c260ik9mja88kgvtmt0c; _dd_s=rum=0&expire=1714133540663; fsBrowserSessionId=662b9694d6ffa6.08159553; __stripe_mid=a80e8214-f78a-40dd-b2e0-94bdf58595ada07579; __stripe_sid=7287874d-a3b1-4222-964f-3982646b6805679cd3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: CloudFront
content-type: text/html; charset=UTF-8
location: https://hr-admin.compliancesection.online/?Gllo=rzP
date: Fri, 26 Apr 2024 11:57:21 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-fs-submission-id: 1219251237
access-control-expose-headers: X-Fs-Submission-Id
cache-control: no-store, no-cache, must-revalidate, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: iHI-9jHehzlBBq5gv8v8DgUWm6f_z8rumqSfeGw3PtguZb0N1oWugQ==
x-content-type-options: nosniff
X-Firefox-Spdy: h2
hr-admin.compliancesection.online/?Gllo=rzP
0.0.0.0 0 B URL User Request GET hr-admin.compliancesection.online/?Gllo=rzP
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?Gllo=rzP HTTP/1.1
Host: hr-admin.compliancesection.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://structuralnc.formstack.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache