link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0=
34.70.111.192301 Moved Permanently 166 B URL HTTP/1.1 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0=
IP 34.70.111.192:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
Analyzer Verdict Alert fortinet Phishing
GET /r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0= HTTP/1.1
Host: link.1kday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Mon, 05 Dec 2022 19:16:11 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5582
Expires: Mon, 05 Dec 2022 20:49:13 GMT
Date: Mon, 05 Dec 2022 19:16:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3852
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:11 GMT
Last-Modified: Mon, 05 Dec 2022 18:11:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11067
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 19:16:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 18:20:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3355
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XCTrKkrQwilN9eoAGb74J+/JijLzT/02p7SUwWmC1P/tg8yuYau5weyPpDxEsB3A/O5bx98rhkQ=
x-amz-request-id: RKG7ZRGZRKTPPNNC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 18:46:47 GMT
age: 1765
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 19:16:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 19:11:19 GMT
cache-control: public,max-age=3600
age: 293
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3839
Cache-Control: max-age=140079
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:12 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:10:51 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.186.117.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.117.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4tG/xlk+AYykP3wZ1R1jPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A7v/y/63QoA7z+p/joOrEpgpQXQ=
link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0=
34.70.111.192302 Found 294 B URL HTTP/2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0=
IP 34.70.111.192:0
File type HTML document, ASCII text, with no line terminators
Hash 35ceb6c074f4b5952f7f49f57e96a364
0ed7fdfbc70cefe84b894bf916f046a09efc0607
0fb23865aa70db30f234d19fb90decf4fc5341a46131832c38f4d85cc377f299
Analyzer Verdict Alert fortinet Phishing
GET /r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiWDdYSUxRSXdVRjB3ZjIzUGlRSzMiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6IjlYZ3pkTVN0RURTem1MSW93OUFrIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiMzJlYTYwMzUtYTA5Yi00Y2Y3LTk5YWQtZGFjY2E0YjljN2VkIn0= HTTP/1.1
Host: link.1kday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 19:16:13 GMT
content-type: text/html; charset=utf-8
content-length: 294
location: https://go.1kday.com/1-landing-page-2813?sessionId=98c429bf-8763-4c6e-821e-4df20b573123&trigger_link=62I3mu5ihjVWxxnqAPlZ
x-powered-by: Express
access-control-allow-origin: *
vary: Accept
x-cloud-trace-context: c1ae579a53b3c94357b876efcafd24ae
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14579
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 19:16:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14579
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 19:16:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 77615
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 77190
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 59420
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 29392
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 77529
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 77265
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.1kday.com/1-landing-page-2813?sessionId=98c429bf-8763-4c6e-821e-4df20b573123&trigger_link=62I3mu5ihjVWxxnqAPlZ
34.68.234.4200 OK 24 kB URL HTTP/2 go.1kday.com/1-landing-page-2813?sessionId=98c429bf-8763-4c6e-821e-4df20b573123&trigger_link=62I3mu5ihjVWxxnqAPlZ
IP 34.68.234.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14351)
Hash 33a603655250f7f02ac2af29bf5f66fb
35b82973f712b0938294b4196b0497ed9796a697
78cf08022869ba06198aee0a61380944cb68a149cab3a91894f3144e58982aae
GET /1-landing-page-2813?sessionId=98c429bf-8763-4c6e-821e-4df20b573123&trigger_link=62I3mu5ihjVWxxnqAPlZ HTTP/1.1
Host: go.1kday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty
date: Mon, 05 Dec 2022 19:16:14 GMT
content-type: text/html; charset=utf-8
content-length: 23750
x-powered-by: Express
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=120
etag: W/"5cc6-Nbgpc/cSsJOClLQZawSX7ZeWppc"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/JAUImsI7pVM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/JAUImsI7pVM
IP 142.250.74.131:0
Hash 981435e29871a1fbbf5a3f3858cebfd4
737222617178817296d67acc791187b3dbe9e65d
f37cd0913365bc14b0b4c129d53018dbe69acc21cc8dd7bba29f0f0d295fabe8
POST /s/gts1d4/JAUImsI7pVM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
IP 142.250.74.131:0
Hash 62c52a31b2e3e918ad6ca7382f1f4886
c9d43850d057af152113cf2f348792d6ba04b99a
29281aa55f3d327a5d8332d511947b8548b84ed51fb10a8e0a7c5c0309e0d8a9
POST /s/gts1d4/EB9-1qt57J8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
IP 142.250.74.131:0
Hash 62c52a31b2e3e918ad6ca7382f1f4886
c9d43850d057af152113cf2f348792d6ba04b99a
29281aa55f3d327a5d8332d511947b8548b84ed51fb10a8e0a7c5c0309e0d8a9
POST /s/gts1d4/EB9-1qt57J8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
IP 142.250.74.131:0
Hash 62c52a31b2e3e918ad6ca7382f1f4886
c9d43850d057af152113cf2f348792d6ba04b99a
29281aa55f3d327a5d8332d511947b8548b84ed51fb10a8e0a7c5c0309e0d8a9
POST /s/gts1d4/EB9-1qt57J8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3345
Cache-Control: max-age=150395
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 13:02:49 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
stcdn.leadconnectorhq.com/_preview/calendar.fd400083.css
35.244.153.18200 OK 231 B URL HTTP/2 stcdn.leadconnectorhq.com/_preview/calendar.fd400083.css
IP 35.244.153.18:0
File type ASCII text, with very long lines (674)
Hash 698ea82da6348756db27cb56aac68a21
0289ec425627c9a3ae813eae3ac2e870bc7ecb0f
f8d5f1a9e73dcd68404a3956ba40afcea0eee55b8c1ca779a6aa4e9f6317c5a8
GET /_preview/calendar.fd400083.css HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvkxiY4QemhdbQ1nkUoqOrpIpyPVtGaAV7RRMtUYWKK4GTO2R_Z1iCcvgWHaIIvbwOeSanYIoFk6oPlYTl7KAdTIKgGv5LU
x-goog-generation: 1668415999188001
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 231
content-encoding: gzip
x-goog-hash: crc32c=e/J9YA==, md5=aY6oLaY0h1bbJ8tWqsaKIQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 231
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Mon, 14 Nov 2022 08:56:17 GMT
expires: Tue, 14 Nov 2023 08:56:17 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Mon, 14 Nov 2022 08:53:19 GMT
etag: "698ea82da6348756db27cb56aac68a21"
content-type: text/css
age: 1851597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stcdn.leadconnectorhq.com/_preview/default.f5865b9f.css
35.244.153.18200 OK 281 B URL HTTP/2 stcdn.leadconnectorhq.com/_preview/default.f5865b9f.css
IP 35.244.153.18:0
File type ASCII text, with very long lines (443)
Hash 263ea983d06f739864b9e79a17b54c83
00a57918f544a09e74db7560f4abcae76fcacbd5
5b8ab11c6859d5d1f4dc92735a56179f21f8ddf3460defc0bf3b5d223a0eefc3
GET /_preview/default.f5865b9f.css HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds-tiLaULkGGqkVdZVCuS9Lts3gIpYop3Jna9QHp_wRkMBa_E_mYQKY76Ns8gfviUYj-9mmEOGhBm7yDDNH9MrLfA
x-goog-generation: 1670006476369563
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 281
content-encoding: gzip
x-goog-hash: crc32c=fjlG2w==, md5=Jj6pg9Bvc5hkueeaF7VMgw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 281
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Sat, 03 Dec 2022 08:18:02 GMT
expires: Sun, 03 Dec 2023 08:18:02 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 18:41:16 GMT
etag: "263ea983d06f739864b9e79a17b54c83"
content-type: text/css
age: 212292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stcdn.leadconnectorhq.com/_preview/entry.11cdb0c0.css
35.244.153.18200 OK 27 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/entry.11cdb0c0.css
IP 35.244.153.18:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fea22a618bdb1cda0a6397e8a94ba454
368a615be6408c5a4d707931080d670b70ed6104
43f152003d5e599d3969bbe5e8e2550546fb55233402274bbfe2085a4c9fb082
GET /_preview/entry.11cdb0c0.css HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsutgy3wfC-7avLiKUueeHzrUSCdN7tFnZI90l80IqqHDM-jSmFxAG9IfupnnkyR0Z7hemcxpbxjMSyv52bbsyDLg
x-goog-generation: 1669977110084717
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 27167
content-encoding: gzip
x-goog-hash: crc32c=p7b00Q==, md5=/qIqYYvbHNoKY5foqUukVA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 27167
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:50 GMT
etag: "fea22a618bdb1cda0a6397e8a94ba454"
content-type: text/css
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3345
Cache-Control: max-age=150395
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 13:02:49 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3345
Cache-Control: max-age=150395
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 13:02:49 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
stcdn.leadconnectorhq.com/_preview/entry-9a3835e5.mjs
35.244.153.18200 OK 106 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/entry-9a3835e5.mjs
IP 35.244.153.18:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106474 bytes)
Hash 4beafa2b4c168c0366b838dad6aa5d50
394edba153b004dcce1165105fc806d7650ede13
d4f576a7478c9010a63f35611e1f46ee818e9430f9601ec3f767e9577c28a231
GET /_preview/entry-9a3835e5.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvoS_yBGRQGGH4vLlU1YxLD0TK614Zb2-YTKT_ZA7B9lKvmpYr_5aROa8fcCEq-rT23xVBjOCfbSzr5NkgFfyqcU0xyLRJo
x-goog-generation: 1669977117580769
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 106474
content-encoding: gzip
x-goog-hash: crc32c=ob/+bQ==, md5=S+r6K0wWjANmuDja1qpdUA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 106474
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:57 GMT
etag: "4beafa2b4c168c0366b838dad6aa5d50"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stcdn.leadconnectorhq.com/_preview/default-3c130b0c.mjs
35.244.153.18200 OK 511 B URL HTTP/2 stcdn.leadconnectorhq.com/_preview/default-3c130b0c.mjs
IP 35.244.153.18:0
File type Java source, ASCII text, with very long lines (838)
Hash de900b0be1528bf1b5f7cf5037e4ef1f
8861f06bcdb4790f5b446235454679f2b13870a0
0529cb955fc54e0670887c7203a7c7e55634e1c3a6aa25b40b43d6a96b6b0acd
GET /_preview/default-3c130b0c.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds6cx47yUuAQ7fIXedAH7eXmvrOOHiFfS3p23k2uILjin4sEK5l4bb9NN4AZtT816x2638ahQW5NRKTAEFC2AU-Yh0mSbCo
x-goog-generation: 1669977119109661
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 511
content-encoding: gzip
x-goog-hash: crc32c=jWA4AQ==, md5=3pALC+FSi/G1989QN+TvHw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 511
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:59 GMT
etag: "de900b0be1528bf1b5f7cf5037e4ef1f"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EB9-1qt57J8
IP 142.250.74.131:0
Hash 62c52a31b2e3e918ad6ca7382f1f4886
c9d43850d057af152113cf2f348792d6ba04b99a
29281aa55f3d327a5d8332d511947b8548b84ed51fb10a8e0a7c5c0309e0d8a9
POST /s/gts1d4/EB9-1qt57J8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stcdn.leadconnectorhq.com/_preview/index-45ec5bb8.mjs
35.244.153.18200 OK 348 B URL HTTP/2 stcdn.leadconnectorhq.com/_preview/index-45ec5bb8.mjs
IP 35.244.153.18:0
File type Java source, ASCII text, with very long lines (525)
Hash 3adf017310b253504fc0f3aad31a9af7
0885879ec0ba11cff37ee3ce6456d72ad557a2d4
a1c668f4f51696b56876f96a048c5e4d5675336dbd2027c8ef2e3f23b1b4239b
GET /_preview/index-45ec5bb8.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu2jAjnKmnslgHOBKHqRbdyM_UYjNkurjp_s5xplZwcJ4qqo7aLT5hUDIfKqms7WQwmcfWiRwHa8-q1yWy_GqwcjVY1nXjF
x-goog-generation: 1669977119549426
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 63592
content-encoding: gzip
x-goog-hash: crc32c=6VMZKQ==, md5=tSAm4jl5FVj61coFfCWEAA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 63592
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:59 GMT
etag: "b52026e239791558fad5ca057c258400"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 579 B IP 93.184.220.29:0
Hash a062ccdd5c7ef1d9ae6114364517e067
7b5437a935c96a44a5a3a3a5ef257093425eb3c6
4f9c9b9b413ac2cf878f583ab83f438769d32999fdcc512c60bdb30bfd02c4ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3345
Cache-Control: max-age=150395
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 13:02:49 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
stcdn.leadconnectorhq.com/_preview/index-109aa753.mjs
35.244.153.18200 OK 12 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/index-109aa753.mjs
IP 35.244.153.18:0
File type ASCII text, with very long lines (39069)
Hash 2741cc66317d6d11952b721a144e87a8
7b94b75d6e5d42eb34ae93b3fffae4755cc16e62
ab8fea2f2dcc723994f7f76b1fba10392ee9f507d454eabcfb8c42a2bb7c5c44
GET /_preview/index-109aa753.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvrakyfPShGA7aU44CyIV-Q6PQVilxSlYuw6I31T6dZ6Jc86ve7uuEyjczx_KuH28Nlz-8hLGbJlmhD1G_h2B_YNUJFDiKg
x-goog-generation: 1669977117791768
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 11769
content-encoding: gzip
x-goog-hash: crc32c=xADsdg==, md5=J0HMZjF9bRGVK3IaFE6HqA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11769
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:57 GMT
etag: "2741cc66317d6d11952b721a144e87a8"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stcdn.leadconnectorhq.com/_preview/HLConst-a8d4aa62.mjs
35.244.153.18200 OK 459 B URL HTTP/2 stcdn.leadconnectorhq.com/_preview/HLConst-a8d4aa62.mjs
IP 35.244.153.18:0
File type ASCII text, with very long lines (681)
Hash ccb3461de860ede07b761eb5c3edd015
fb3aa6e8895b00b8deeb9dab395ec54ae822ca30
94164b9066fa0bd713b79bf29350f44ea8de484a730256cdc384ca2bc1d70c1b
GET /_preview/HLConst-a8d4aa62.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvii6XXKQS7kl7y9FCqPqJbJr39zB9r_5dP_w5nosPOE-RCC3dfUxMd_1LnWEhhHmf6V89S92chxL8fGbgQYppzEd8SBvu9
x-goog-generation: 1668080358056149
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 459
content-encoding: gzip
x-goog-hash: crc32c=KGhSTQ==, md5=zLNGHehg7eB7dh61w+3QFQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 459
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 10 Nov 2022 11:42:08 GMT
expires: Fri, 10 Nov 2023 11:42:08 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Thu, 10 Nov 2022 11:39:18 GMT
etag: "ccb3461de860ede07b761eb5c3edd015"
content-type: application/javascript
age: 2187246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stcdn.leadconnectorhq.com/_preview/TextElement-6ed27eb4.mjs
35.244.153.18200 OK 27 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/TextElement-6ed27eb4.mjs
IP 35.244.153.18:0
File type ASCII text, with very long lines (47242)
Hash a8ee1f301808d50a40260402706139eb
e765b9498fb437daa4b29549f35f9b791563ee22
ff0f0aa29cb131032465b99fdd5a1e32e8b291dfae328a13c25255281f7187f6
GET /_preview/TextElement-6ed27eb4.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsmKjGVtW4MhVl2r28A6zkTkg8P2DdUaGTkzmtTaTAtrhyO5qmSt54smcY9SyOFJ10HXyd3pke-d0QxB1w2gkJFsRU4TkyP
x-goog-generation: 1669977117999564
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 26727
content-encoding: gzip
x-goog-hash: crc32c=G0OFfA==, md5=qO4fMBgI1QpAJgQCcGE56w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26727
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:58 GMT
etag: "a8ee1f301808d50a40260402706139eb"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stcdn.leadconnectorhq.com/_preview/FormComponent-957b316e.mjs
35.244.153.18200 OK 10 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/FormComponent-957b316e.mjs
IP 35.244.153.18:0
File type Unicode text, UTF-8 text, with very long lines (35017)
Hash c767e6a1095e94eaa68b700c489f2691
c69ac2805b1824369e74c93f21816f8cebc19b33
286842053396fc6ee7a073904dadfb711d70005150c7b91b06648c2207763d26
GET /_preview/FormComponent-957b316e.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsBr9Ub7gZ0Dhu2pBA0Vyvw0YZgaNSChPkpVoyz5gOYSfJ4-34UxmXt25ieGCZ5psUCZipru0RBXDdO-KdNsrPDIcxJSye-
x-goog-generation: 1669977116915412
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10007
content-encoding: gzip
x-goog-hash: crc32c=0MYY+Q==, md5=x2fmoQlelOqmi3AMSJ8mkQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 10007
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:57 GMT
etag: "c767e6a1095e94eaa68b700c489f2691"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stcdn.leadconnectorhq.com/_preview/CalendarComponent-af5c6a1f.mjs
35.244.153.18200 OK 11 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/CalendarComponent-af5c6a1f.mjs
IP 35.244.153.18:0
File type ASCII text, with very long lines (35302)
Hash 5836522162cd8e429f2b28f81aae8d36
eeabd426216e0deb5e11a6bbb4a74acd6730d0ba
3bdb02eccc4faf7c7327ea6a2d18d4a18ae0265d69b4d0c143f54e29f049c090
GET /_preview/CalendarComponent-af5c6a1f.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu95O0e0WHYQ44N1XcNJ4Kc_Se-4801IC9WVmKYlAM23vz_6k4zSN4ci8pdcFgwOMkxRdec4itMhGjImhtkpuOFWggOEbOV
x-goog-generation: 1669977118449661
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 11427
content-encoding: gzip
x-goog-hash: crc32c=hw5Oxg==, md5=WDZSIWLNjkKfKyj4Gq6NNg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11427
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:58 GMT
etag: "5836522162cd8e429f2b28f81aae8d36"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stcdn.leadconnectorhq.com/_preview/CalendarComponentv3-3600b05f.mjs
35.244.153.18200 OK 15 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/CalendarComponentv3-3600b05f.mjs
IP 35.244.153.18:0
File type ASCII text, with very long lines (45193)
Hash 143320e06f63d555954b3f0f66285216
878978781211ac8ac84552b70cfdf9e75f95d8b0
15368d6f3ec9fb67cb679720ae9181324faf351ecd761f686a9940acdea700f4
GET /_preview/CalendarComponentv3-3600b05f.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvWJMZ8o9aMuLwtPPk5hcOR2An2Jj99yyue4T0awEad86XZtLKXVTfzE0CzKOzCXz0v1YugGr761y70yXR-xHnwcWwArpqc
x-goog-generation: 1669977115396574
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14832
content-encoding: gzip
x-goog-hash: crc32c=7ciSww==, md5=FDMg4G9j1VWVSz8PZihSFg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 14832
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:55 GMT
etag: "143320e06f63d555954b3f0f66285216"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stcdn.leadconnectorhq.com/_preview/surveyComponent-b8361837.mjs
35.244.153.18200 OK 11 kB URL HTTP/2 stcdn.leadconnectorhq.com/_preview/surveyComponent-b8361837.mjs
IP 35.244.153.18:0
File type Unicode text, UTF-8 text, with very long lines (39947)
Hash 98339f7c227ec3dc9597af0c283159f3
13d2f7a8fb21c2145f0e7d31e17e857aaff46131
c973bd2274191eb27a78e5d9471e27ac6c60185f09f58e8f826fa68dc33f733d
GET /_preview/surveyComponent-b8361837.mjs HTTP/1.1
Host: stcdn.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvQQWHrQX5iQUTN4GiFLTe6gKmWHTIRz66mq-x4sSKJV-iyUtt3fYJdomyE5MBdRfCM9EgEXyWmd9Yp2k36iE4EVaU-whEw
x-goog-generation: 1669977118234595
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 11131
content-encoding: gzip
x-goog-hash: crc32c=V8pHYQ==, md5=mDOffCJ+w9yVl68MKDFZ8w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11131
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 02 Dec 2022 10:33:46 GMT
expires: Sat, 02 Dec 2023 10:33:46 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 02 Dec 2022 10:31:58 GMT
etag: "98339f7c227ec3dc9597af0c283159f3"
content-type: application/javascript
age: 290548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 1413
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 430919
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/brands.css
172.64.133.15200 OK 47 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/brands.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (489)
Hash 527037290bf6814b7298f89f1ae1c35a
2304596ac4867f4a1fb73f003dc6d2f2249532ee
4118939a7eb4c75692fcff568cc8cd4717cc78053a7bf806910054d6184aab1f
GET /releases/v5.15.4/css/brands.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:14 GMT
content-type: text/css
x-amz-id-2: skXnHpmrUXZcpJG18Jd2Yw9200jvgyHAAQcoOOaaQGIePv84DoxkKaWGOyN6oZQRm6RFy8kC9plcHDjk3VhikA==
x-amz-request-id: 0210QJHGK65HFPSN
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"2c213c9e855a714f04273ad8ddfec94a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 21401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ1G0n4yaXP46QP%2FsTUXMgUh8eyoIi0WfoMGAf5ghedNE5tvmdQ9K1PtiUuLD1uCgtha8VhaokYn9qYd3Zkksia4oDgG9NJhk8xzxO0nzE8VYQbM6%2BhqDqb5TUepsqzFYNLwL9XN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f1d75da1a23cb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,700%7COpen%20Sans:400,700%7CRaleway:400,700%7CMontserrat:400,700&display=swap
142.250.74.106200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,700%7COpen%20Sans:400,700%7CRaleway:400,700%7CMontserrat:400,700&display=swap
IP 142.250.74.106:0
Hash b8d16a527d0af7e4d17cad558842ad87
fe97f7798cab86e508409ba289129ac2a52cbcc8
8ec954666b3d5c8353b0e23cd689356e82eb33b352a9f38e2e3116fd58cfec0f
GET /css?family=Lato:400,700%7CRoboto:400,700%7COpen%20Sans:400,700%7CRaleway:400,700%7CMontserrat:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 19:16:14 GMT
date: Mon, 05 Dec 2022 19:16:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.cdn.msgsndr.com/muBKRmyiIz7rQZKHHloS/media/62505a0040dc5d00cad3fcd3.png
35.244.153.18200 OK 137 kB URL HTTP/2 assets.cdn.msgsndr.com/muBKRmyiIz7rQZKHHloS/media/62505a0040dc5d00cad3fcd3.png
IP 35.244.153.18:0
File type PNG image data, 3172 x 2013, 8-bit/color RGBA, non-interlaced\012- data
Size 137 kB (136803 bytes)
Hash e9586caddb4816454c3ce7bdc9c0562d
38ddebc759c5a47862ca939d08a6774c8cd9fc3b
6beebaa75763b0a8ee7673043e2afec18e3b0b2f252768c790221cee6ff3e80e
GET /muBKRmyiIz7rQZKHHloS/media/62505a0040dc5d00cad3fcd3.png HTTP/1.1
Host: assets.cdn.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvo1hjrEtjP6thlg3qavpcpqP8dxbU06YqZxAinkvf7zhxYnNwrMNpkxCD-wFm0JOfc0HYmdSQOCZHHQ9aUphEPiw
date: Mon, 05 Dec 2022 19:16:14 GMT
cache-control: public,max-age=31622400
last-modified: Fri, 08 Apr 2022 15:51:31 GMT
etag: "e9586caddb4816454c3ce7bdc9c0562d"
x-goog-generation: 1649433091565869
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 136803
content-type: image/png
x-goog-hash: crc32c=0OWL/Q==, md5=6VhsrdtIFkVMPOe9ycBWLQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 136803
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/JAUImsI7pVM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/JAUImsI7pVM
IP 142.250.74.131:0
Hash 981435e29871a1fbbf5a3f3858cebfd4
737222617178817296d67acc791187b3dbe9e65d
f37cd0913365bc14b0b4c129d53018dbe69acc21cc8dd7bba29f0f0d295fabe8
POST /s/gts1d4/JAUImsI7pVM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.cdn.msgsndr.com/muBKRmyiIz7rQZKHHloS/media/38fb046c-4a4f-4c50-966d-8da0d831b12b.gif
35.244.153.18200 OK 14 kB URL HTTP/2 assets.cdn.msgsndr.com/muBKRmyiIz7rQZKHHloS/media/38fb046c-4a4f-4c50-966d-8da0d831b12b.gif
IP 35.244.153.18:0
File type GIF image data, version 89a, 850 x 49\012- data
Hash 16090702c04db2db6210e31ea956c9ab
d432e8702bb72fb4ae7ac0bad0d094151d3b1b0a
3c82987bb6b7f8c9d0c8c6b659b248b607ff7b996ef0fb58c389c5c0dab15d8b
GET /muBKRmyiIz7rQZKHHloS/media/38fb046c-4a4f-4c50-966d-8da0d831b12b.gif HTTP/1.1
Host: assets.cdn.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvFu__MVWKiXu_Lx79PZ_ZYYT4rY9hYHaSvcWeZ5VNDAaS8SEqxT5eJS85emf-qf4iXkPzN3d7OwPKVwbPHJBlKoQ
date: Mon, 05 Dec 2022 19:16:14 GMT
cache-control: public,max-age=31622400
last-modified: Fri, 08 Apr 2022 21:43:00 GMT
etag: "16090702c04db2db6210e31ea956c9ab"
x-goog-generation: 1649454180638844
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14050
x-goog-meta-custom: metadata
content-type: image/gif
x-goog-hash: crc32c=gDnKqQ==, md5=FgkHAsBNsttiEOMeqVbJqw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 14050
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1kday.com/ch2/assets/ch2-favi-gold.png
104.21.68.48200 OK 4.5 kB URL HTTP/2 1kday.com/ch2/assets/ch2-favi-gold.png
IP 104.21.68.48:0
File type PNG image data, 62 x 62, 8-bit/color RGBA, interlaced\012- data
Hash f8b1b47eac8e07c1b010630410d4fe28
ca454406139ca52b4dd92f21cef5b27a46a3b9ad
07f772382dde8d1c491183d7b065efe3395a9e7c88f936dfab699e392a6604b7
GET /ch2/assets/ch2-favi-gold.png HTTP/1.1
Host: 1kday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:14 GMT
content-type: image/png
content-length: 4489
last-modified: Thu, 27 Jan 2022 16:51:00 GMT
cache-control: max-age=2592000
expires: Thu, 29 Dec 2022 18:14:53 GMT
cf-cache-status: HIT
age: 522081
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2xKs099eLcYcUgr%2FUOfRj2lSVm3opn2N7qbHKsM838h%2Br0pGtdH%2BEZYU%2FdhtJ%2FFKqGvq3yTUmaFM6Y6OrW18k0uoxI5JWhkaEBn70%2BpzrJ6aLNEB6r%2Bn5C%2B8os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774f1d781921b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP 142.250.74.131:0
Hash fbff03d1c387fea4997d317ddc19d15a
207395e28b3c7d1fd98e5791933d8c56ebba03d8
a31f29f1d13bc989183067e39ae54ec4a1d1e6eaa7f7ca3c955f8a33d87c6540
POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP 142.250.74.131:0
Hash fbff03d1c387fea4997d317ddc19d15a
207395e28b3c7d1fd98e5791933d8c56ebba03d8
a31f29f1d13bc989183067e39ae54ec4a1d1e6eaa7f7ca3c955f8a33d87c6540
POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3915ae99bed676bba76e42bc6c9ccf63
2d74879010a8d654ee64b500c67b579d50ad432e
a67b5a12caf98cdad4dae24ea209c7596f2c2fbce144858340a57c00a79de174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6156
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Last-Modified: Mon, 05 Dec 2022 17:33:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
embed.typeform.com/next/css/widget.css
54.192.99.91200 OK 977 B URL HTTP/2 embed.typeform.com/next/css/widget.css
IP 54.192.99.91:0
File type ASCII text, with very long lines (977), with no line terminators
Hash bfa88540583875439d081b2da923623c
e1d94ac76261c69e52174901069934844508453b
339f82086eb610c04641daa0f9ae1a81c438fd8b0e985704032ed98ee6f5f224
GET /next/css/widget.css HTTP/1.1
Host: embed.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 977
last-modified: Fri, 02 Dec 2022 13:06:56 GMT
x-amz-version-id: Tl.wwzxcT0q8TtS0KD032kJAI0ujDKpr
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Dec 2022 19:11:36 GMT
etag: "bfa88540583875439d081b2da923623c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: z2PHHqiPYbMzy6nyRdF9eBJIPOjDGlGBE79rWjUYwDw3Em7TTIoMaA==
age: 297
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash aa7ecd56c3c322131eba5d6be7effb2f
f38f9f4c39508f003830e886adb08d086fbb6960
91f3e2d10eabed2bcbfca956aa07b988d2d0aa8637b8e318520da24a659a2d13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6223
Cache-Control: max-age=96736
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:14 GMT
Etag: "638d020f-116"
Expires: Tue, 06 Dec 2022 22:08:30 GMT
Last-Modified: Sun, 04 Dec 2022 20:24:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
services.msgsndr.com/funnels/stats/event
34.98.115.9204 No Content 0 B URL HTTP/2 services.msgsndr.com/funnels/stats/event
IP 34.98.115.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /funnels/stats/event HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channel,content-type,source,version
Referer: https://go.1kday.com/
Origin: https://go.1kday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: channel,content-type,source,version
content-length: 0
date: Mon, 05 Dec 2022 19:16:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
65.9.54.126200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.54.126:0
Hash 124aecb504509a0647ec1beec0bdb8b1
5c74160cd48aede69d5e2da47b6d659144c3011c
6c73fa03112a3a878b58d7895da252898fe2014651141cda9bcdaca3e04dc688
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118129
Date: Mon, 05 Dec 2022 19:16:15 GMT
Etag: "638d633a-1d7"
Expires: Wed, 07 Dec 2022 04:05:04 GMT
Last-Modified: Mon, 05 Dec 2022 03:19:22 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 d42e11d52edd8bb7c6c82444d8414824.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: T12-cHmcQiefCEDC2r022cMtpQ3nOsP-9oNDXLkra2MS324iC0GirA==
Age: 2742
services.msgsndr.com/attribution_service/user_session_v3/create_session
34.98.115.9200 OK 0 B URL HTTP/2 services.msgsndr.com/attribution_service/user_session_v3/create_session
IP 34.98.115.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /attribution_service/user_session_v3/create_session HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://go.1kday.com/
Origin: https://go.1kday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
content-length: 0
date: Mon, 05 Dec 2022 19:16:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
services.msgsndr.com/funnels/stats/event
34.98.115.9201 Created 109 B URL HTTP/2 services.msgsndr.com/funnels/stats/event
IP 34.98.115.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 33858a7cc37527ac10dfdaffc27469ef
3277845420ffcd2ce9bfca983ec62dac1e8e102d
e18f9add01ef3b3bd7a2aa4dbeb728061b750d88b087895015bdeb8c2a2a86cf
POST /funnels/stats/event HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.1kday.com/
channel: APP
content-type: application/json
source: WEB_USER
version: 2021-04-15
Origin: https://go.1kday.com
Content-Length: 253
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 109
etag: W/"6d-MneEVCD/zSzpv8qYPsYtrB6OEC0"
vary: Accept-Encoding
date: Mon, 05 Dec 2022 19:16:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player.vimeo.com/video/716992134?h=fc9beab3d3
162.159.128.61200 OK 6.2 kB URL HTTP/1.1 player.vimeo.com/video/716992134?h=fc9beab3d3
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20054), with no line terminators
Hash 75f72b19b5d2c38cce38896ab1992a3e
371287a44a781cc022eb241fd569fc153bc621a7
b99193e2ee355a726abdf3da860916d5dfb1383288412805bb91a8a32a4b9440
GET /video/716992134?h=fc9beab3d3 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 19:16:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 15 Dec 1985 19:30:00 GMT
x-host: player-8c6fcccfc-kvmgx
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-2
x-backend-proxy: playproxy3
x-bapp-server: player-8c6fcccfc-kvmgx
Age: 0
X-Served-By: cache-bma1658-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1670267775.938879,VS0,VE204
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=sFpWgqOQ.Jwjeeep8OllQ9ufvTczSik03XaeQbcMLGs-1670267775-0-AaBGyXk0dHCXOYL+38PLyfgu6tI6ctgJfeO9lMe3rKMLHlkYTJCyXoIN7nZoRPcOPsiwqVAM6j9LH0Ah6qS7z1o=; path=/; expires=Mon, 05-Dec-22 19:46:15 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 774f1d7939a7b521-OSL
Content-Encoding: gzip
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP 142.250.74.131:0
Hash fbff03d1c387fea4997d317ddc19d15a
207395e28b3c7d1fd98e5791933d8c56ebba03d8
a31f29f1d13bc989183067e39ae54ec4a1d1e6eaa7f7ca3c955f8a33d87c6540
POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.msgsndr.com/attribution_service/user_session_v3/create_session
34.98.115.9200 OK 105 B URL HTTP/2 services.msgsndr.com/attribution_service/user_session_v3/create_session
IP 34.98.115.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6319882b4174b77a6bdec3f2ecc8b93f
7afaad99dddbaae3febe3e339d9197824de18f79
8910e3e1293f14ae27d1a3234011003319dc24bf41931bb328b004b596526119
POST /attribution_service/user_session_v3/create_session HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.1kday.com/
Content-Type: application/json
Origin: https://go.1kday.com
Content-Length: 910
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 105
etag: W/"69-evqtmd3bquP+vj4znZGXgk3hj3k"
date: Mon, 05 Dec 2022 19:16:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.0/css/player.css
151.101.86.109200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash a3356aaf136d7161fd55f10f76552bd2
67d2d6a4c6ac5891fc613b2840c9b582fe8ca178
7b3fb287e463827aa07d1d10b45f48581caace0b0261cbbbf84ca7823fd7ec96
GET /p/4.15.0/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Dec 2022 19:16:15 GMT
age: 271448
x-served-by: cache-iad-kcgs7200087-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 16, 57149
x-timer: S1670267775.315981,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20766
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d.jpg?mw=80&q=85
151.101.86.109200 OK 1.5 kB URL HTTP/2 i.vimeocdn.com/video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d.jpg?mw=80&q=85
IP 151.101.86.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Hash 6f9e0828ca91fe7d5dd4c9984455e878
4200f30c215461d73e9c82a5e275de6824cb0f3d
06eafec58ee42f8a7db040dfb18014d009e438bd2ecc4d5dc5fc60f7a91630cb
GET /video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
etag: 6f9e0828ca91fe7d5dd4c9984455e878
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-east1-7d1b
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 05 Dec 2022 19:16:15 GMT
age: 966319
x-served-by: cache-dfw-kdfw8210106-DFW, cache-bma1653-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 6, 1
x-timer: S1670267775.352012,VS0,VE1
content-length: 1546
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.15.0/js/player.module.js
151.101.86.109200 OK 117 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/js/player.module.js
IP 151.101.86.109:0
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 117 kB (116677 bytes)
Hash 97e15950b5afa29600bd6ae9b2dab4ce
be1299de0da9ac8897f245bf84e35fd35cc34989
f956a3aa6edcf78176620eca3cedd8cb697d696ea170f5c840a48b1c5c5ed4e6
GET /p/4.15.0/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Dec 2022 19:16:15 GMT
age: 271448
x-served-by: cache-iad-kiad7000044-IAD, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 11, 45279
x-timer: S1670267775.342850,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116677
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash aa7ecd56c3c322131eba5d6be7effb2f
f38f9f4c39508f003830e886adb08d086fbb6960
91f3e2d10eabed2bcbfca956aa07b988d2d0aa8637b8e318520da24a659a2d13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=96736
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:15 GMT
Etag: "638d020f-116"
Expires: Tue, 06 Dec 2022 22:08:31 GMT
Last-Modified: Sun, 04 Dec 2022 20:24:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
f.vimeocdn.com/p/4.15.0/js/vendor.module.js
151.101.86.109200 OK 116 kB URL HTTP/2 f.vimeocdn.com/p/4.15.0/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Size 116 kB (115907 bytes)
Hash 68e86da9d3e77f566a2265c358f77c22
c5010f1791f13c8813ea189c795db76111a28c3e
54dc3260e92b0821e531454bbb23978bc8ea0ff726081497834b90fdaf6c1f49
GET /p/4.15.0/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Dec 2022 19:16:15 GMT
age: 271448
x-served-by: cache-iad-kjyo7100126-IAD, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 57348
x-timer: S1670267776.533462,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 115907
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 05 Dec 2022 19:16:15 GMT
age: 1475937
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 254518
x-timer: S1670267776.755860,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d?mw=600&mh=338
151.101.86.109200 OK 11 kB URL HTTP/2 i.vimeocdn.com/video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d?mw=600&mh=338
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 63aa78edef0c921472d4c0de2961883f
4f730785ada02634cfd3b3ba8b185dfb5dcb37f8
f576831946e828ebfdddaf6a05c00f763de279e8cbad3a8c1c525241b95fcbf8
GET /video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d?mw=600&mh=338 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 63aa78edef0c921472d4c0de2961883f
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-jtdn
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 05 Dec 2022 19:16:15 GMT
age: 2175330
x-served-by: cache-dfw-kdfw8210085-DFW, cache-bma1653-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 36, 1
x-timer: S1670267776.755842,VS0,VE1
vary: Accept
content-length: 11040
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/E4colUoO91Q
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E4colUoO91Q
IP 142.250.74.131:0
Hash aa51b6b096f2a3fce9f91e4acc122484
2f47637464de28cf74161357dc414935987581b4
5fa5d22a54931061c1733b0242bbea9ce72a248ac50d5504460c1a6c86ebcf7e
POST /s/gts1d4/E4colUoO91Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 19:16:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.rudderlabs.com/v1/rudder-analytics.min.js
54.230.111.98200 OK 120 kB URL HTTP/2 cdn.rudderlabs.com/v1/rudder-analytics.min.js
IP 54.230.111.98:0
Size 120 kB (120006 bytes)
Hash 3f6702cc9045ff11c25326b5b6820751
e931a2a19ec960706e57db6d3a81bd8023a2c89b
815643e32461973f3ff2698882db391298937834f17a2946cc50a29f35e99172
GET /v1/rudder-analytics.min.js HTTP/1.1
Host: cdn.rudderlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.typeform.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 10:06:46 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Dec 2022 18:19:43 GMT
cache-control: max-age=3600
etag: W/"bb99acbee60c31b2ae36ffe3c42970b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U_GaFZPTciPfdlWb3HOMfWRzQfr8vIBFi3bGLE4uy6ZVCDkJBa3UUg==
age: 3416
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 05 Dec 2022 19:16:16 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=b9d31f1039aac6e338c00c70ee008683dad86edb1670267774
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=b9d31f1039aac6e338c00c70ee008683dad86edb1670267774
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=b9d31f1039aac6e338c00c70ee008683dad86edb1670267774 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1464
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 05 Dec 2022 19:16:16 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
65.9.54.126200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.54.126:0
Hash d1342e949a96183a7d6f63a6ca216e2d
5cf7dc3a17485ffde00c22d26dc1392ccf4b7251
c60cb3c01f97600dc5b3fcb8d8e7942ccbabb4aa898ed6215613c5f71add0030
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110784
Date: Mon, 05 Dec 2022 19:16:17 GMT
Etag: "638d400f-1d7"
Expires: Wed, 07 Dec 2022 02:02:41 GMT
Last-Modified: Mon, 05 Dec 2022 00:49:19 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 d42e11d52edd8bb7c6c82444d8414824.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: 1wHuPh3qX5tXngjKixs3aKI99-mFi4L0QPQSilFfA2Yf_v6QKEua-g==
Age: 4402
ocsp.sca1b.amazontrust.com/
65.9.54.126200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 65.9.54.126:0
Hash d1342e949a96183a7d6f63a6ca216e2d
5cf7dc3a17485ffde00c22d26dc1392ccf4b7251
c60cb3c01f97600dc5b3fcb8d8e7942ccbabb4aa898ed6215613c5f71add0030
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111238
Date: Mon, 05 Dec 2022 19:16:17 GMT
Etag: "638d400f-1d7"
Expires: Wed, 07 Dec 2022 02:10:15 GMT
Last-Modified: Mon, 05 Dec 2022 00:49:19 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 6528f10684ec39317f94ed2a540d88b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: RKH8PMqyHygS9RMcTnKJULrhUNzb9t7M7bVY2Kjv7jlYS0E4qtAPeQ==
Age: 4856
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.21.0
34.233.157.77200 OK 2 B URL HTTP/2 rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.21.0
IP 34.233.157.77:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /sourceConfig/?p=cdn&v=1.21.0 HTTP/1.1
Host: rudderstack-control-plane.cdp.prod.data.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:17 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: uvicorn
vary: Origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
access-control-allow-headers: authorization
X-Firefox-Spdy: h2
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.21.0
34.233.157.77200 OK 610 B URL HTTP/2 rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.21.0
IP 34.233.157.77:0
File type JSON data\012- , ASCII text, with very long lines (610), with no line terminators
Hash b472ddb84e71008d7e128aa58199352f
bb19a929d005eb384268d4e73cd994324ffc5db4
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
GET /sourceConfig/?p=cdn&v=1.21.0 HTTP/1.1
Host: rudderstack-control-plane.cdp.prod.data.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:17 GMT
content-type: application/json
content-length: 610
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rudderstack.cdp.prod.data.typeform.com/v1/track
52.202.83.32200 OK 0 B URL HTTP/2 rudderstack.cdp.prod.data.typeform.com/v1/track
IP 52.202.83.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/track HTTP/1.1
Host: rudderstack.cdp.prod.data.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: anonymousid,authorization,content-type
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:17 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
rudderstack.cdp.prod.data.typeform.com/v1/track
52.202.83.32200 OK 2 B URL HTTP/2 rudderstack.cdp.prod.data.typeform.com/v1/track
IP 52.202.83.32:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /v1/track HTTP/1.1
Host: rudderstack.cdp.prod.data.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Content-Type: application/json
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId: NWNhOWYwMTQtYjFhZC00MDg5LWEwOGMtMTUzNjQyMWFmMWI4
Content-Length: 2500
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:17 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
vary: Origin
X-Firefox-Spdy: h2
rudderstack.cdp.prod.data.typeform.com/v1/track
52.202.83.32200 OK 2 B URL HTTP/2 rudderstack.cdp.prod.data.typeform.com/v1/track
IP 52.202.83.32:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /v1/track HTTP/1.1
Host: rudderstack.cdp.prod.data.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Content-Type: application/json
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId: NWNhOWYwMTQtYjFhZC00MDg5LWEwOGMtMTUzNjQyMWFmMWI4
Content-Length: 2151
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:18 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
vary: Origin
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/solid.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/solid.css
IP 172.64.133.15:0
GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:14 GMT
content-type: text/css
x-amz-id-2: 1imibt+FuDJ8+9H2nClePZ7C37YhKy1QiuiNLJLx7b3C9FJ9IMLmewKN8OsIFRElubL1Rox42Kk=
x-amz-request-id: 021CHBA73W4NSPAZ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 21401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ki4MouvRHUIiPqYDnIG7ZJs0%2FtIEt3m9nliTGPdXonX%2Fi45APPp0pfXW1DBUB6gxc3ltkjMhr0U03bgP4tpgLMFNh2jS%2FxZvTG5FzSJtByEkj%2Bjh5Ag%2FVu7nmyj3hk%2FIcBxHW0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f1d75fa4c23cb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.typeform.com/next/embed.js
54.192.99.91200 OK 0 B URL HTTP/2 embed.typeform.com/next/embed.js
IP 54.192.99.91:0
GET /next/embed.js HTTP/1.1
Host: embed.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Fri, 02 Dec 2022 13:06:56 GMT
x-amz-version-id: 0B1Ax4co.mRx75hbQxjel6kcGe6rLEyE
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Dec 2022 19:11:51 GMT
etag: W/"474bac3a6a65ed47ae02cc9123f10e42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yKBwDP07Z9g9LJtdGzfouq5QFhn4uFftUmKDVFTUQ89cbaf3wIe5bw==
age: 264
X-Firefox-Spdy: h2
form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
104.18.22.9200 OK 0 B URL HTTP/2 form.typeform.com/to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
IP 104.18.22.9:0
GET /to/xG6L3P0v?typeform-embed-id=26556457409103706&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next HTTP/1.1
Host: form.typeform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 19:16:15 GMT
content-type: text/html; charset=utf-8
x-powered-by: 7475-7.12.3
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
vary: Accept-Encoding
x-envoy-upstream-service-time: 0
x-varnish: 54685904 57280245
age: 5
x-cache: HIT
x-cache-lookup: HIT
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers: Location, X-Request-Id
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: AWSALBTG=pD47fybrobywBgn8z0gCRmtbbFThI0in3o1reDK2qhv6PKWVa8/mxu3snmGcqK/L+bLpWCQEG6bd7rSpVG37Odwqko4UuS3aWLxz5DWgD9eE9oQcCIjA38XQ0VVTvBfwVIw+QEJJ1SA68ds7JGXNFmUjPvPagfObYyc4G8eA3VkR; Expires=Mon, 12 Dec 2022 19:16:15 GMT; Path=/
AWSALBTGCORS=pD47fybrobywBgn8z0gCRmtbbFThI0in3o1reDK2qhv6PKWVa8/mxu3snmGcqK/L+bLpWCQEG6bd7rSpVG37Odwqko4UuS3aWLxz5DWgD9eE9oQcCIjA38XQ0VVTvBfwVIw+QEJJ1SA68ds7JGXNFmUjPvPagfObYyc4G8eA3VkR; Expires=Mon, 12 Dec 2022 19:16:15 GMT; Path=/; SameSite=None; Secure
__cf_bm=c759l_7etp_LULQSFJpQfJmt_N_mFN.zvI5cTugmdHk-1670267775-0-AYohWxsl5B/TLHdqIyrnzVuS5zUn3zV2cDrnPU7jOmHagCYOZM4HpjtsZcdCRr3EzcYqO6VOseg7ZEE9FV1Tov8=; path=/; expires=Mon, 05-Dec-22 19:46:15 GMT; domain=.typeform.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdruYKVgfX%2FjVpiFfOfClRZVsV1Dyckd626aoUW5KfhT61CV3FsaqiDWuHhhrt9p9ARR00a6iKQKJn9P6RppxCAxYwXgGcwJcNT8OJiMst03o4dsKc5xYWQJpv7AdmIQTSre"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f1d79b8fe0b41-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2