Report - go.m1.advisortohr.com/track/click/SlC9x_G0E5uQGsQGnu0U7pxJLjM/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=58gu4QY

Report Overview

Submitted URL
go.m1.advisortohr.com/track/click/SlC9x_G0E5uQGsQGnu0U7pxJLjM/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=58gu4QY_q1zYqp0gxHgloA
IP
96.44.175.237
ASN
#8100 ASN-QUADRANET-GLOBAL
Submitted
2023-02-20 22:42:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	377 B	78 kB	142.250.74.40
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	383 B	66 kB	151.101.129.229
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	1.7 kB	36 kB	142.250.74.106
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.4 kB	163 kB	216.58.207.227
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	835 B	349 B	157.240.200.35
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	952 B	440 B	216.239.32.36
clatid.io	unknown	2020-02-19T09:05:40Z	2023-03-13T10:56:27Z	663 B	811 B	188.114.96.1
cdn.quilljs.com	30496	2014-11-10T09:38:17Z	2023-03-12T23:49:08Z	379 B	486 B	216.24.57.3
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
go.m1.advisortohr.com	unknown	2022-07-14T22:42:47Z	2023-03-13T15:15:03Z	547 B	703 B	96.44.175.237
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.8 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.187.102.159
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.4 kB	95.101.11.115
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.8 kB	10 kB	216.58.211.3
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-13T08:09:51Z	762 B	13 kB	104.16.123.175
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	367 B	29 kB	157.240.200.14
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	1.6 kB	172 kB	34.120.237.76
embed.tawk.to	8650	2014-03-19T22:03:49Z	2023-03-13T08:30:57Z	2.5 kB	128 kB	104.22.25.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-20 22:42:09	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-20 22:42:09	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-20 22:42:11	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-20 22:42:11	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js	2.3 kB	2023-03-12	2023-11-18
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-11-18 22:03:39 Times Seen90 Hash de21d01e9f8b6cc35ea67267d0ba80ec 6cc42e299703a1a1fca03a97b268adf1fa830107 da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51 Loading...

	clatid.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-26
Pretty URL clatid.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 02:42:02 Times Seen54993 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	130 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash c904369157c015caace09da9af84a1a1 59e62d9eac963de202d4d83be7369ef3d8a4cb69 ab24d7c5c8f133c94f7e6cfd5cfaccb5638846d7155da92f59ae05fd8c9258e7 Loading...

	www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V	220 kB	2023-03-14	2023-03-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:06:41 Last Seen2023-03-14 06:06:41 Times Seen1 Hash eedcee588e3503eaefd196eeaa34e918 80f2e91c74a969c415c924aaa50cb0253e20cd37 a2396290162d6b7e3372691eb02f4ef82f5a357b3097e1376c63bbc5c5596845 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js	151 B	2023-03-07	2024-04-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-26 01:36:27 Times Seen46607 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	clatid.io/assets/js/tabs.js	775 B	2023-03-09	2024-02-16
Pretty URL clatid.io/assets/js/tabs.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-02-16 16:11:33 Times Seen464 Hash 1c8c8adce8b55bf5871417329e1d2b4e b5744f28ad9dd7eb777839f17e7b6a2efa92a21a 5f4c084ac3822d17ec093138525213aa4d277d323d8cc5ca99e28c5c837660ab Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	clatid.io/assets/js/main.js	11 kB	2023-03-09	2024-01-04
Pretty URL clatid.io/assets/js/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen403 Hash 8b09d9f02d2926ed8124110cb08c5602 63557c1f01737423bac1621b33f5f68aadc14294 fc4f3003926309a56f5fcbd0d7c941027493e4e77af12678b17b7c30afecab50 Loading...

	clatid.io/assets/js/mobile-menu.js	1.1 kB	2023-03-09	2024-02-16
Pretty URL clatid.io/assets/js/mobile-menu.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-02-16 16:11:33 Times Seen466 Hash 7eb35ff41b520abef4530583d069b6a5 5af68dbb2e4ff0f8f6b348bc40f6ffdd37dab6ef de51ff4cdc7495a1ab3e915ee3e8729995dec77a3af03aa9f7dcf72f33ba4c12 Loading...

	connect.facebook.net/signals/config/176102314131786?v=2.9.96&r=stable	386 kB	2023-03-13	2023-04-20
Pretty URL connect.facebook.net/signals/config/176102314131786?v=2.9.96&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:57:07 Last Seen2023-04-20 22:18:33 Times Seen40 Hash d4e335edbb5f437adb8985cd2acab0b1 0e299bb766588f88973d0ff0bd4c8c8dceaed967 ec3845448b0f50a7688cccf4fc96babab936d6778223e911fb6eb46220ff5735 Loading...

	embed.tawk.to/5fb6212e920fc91564c878d5/default	2.1 kB	2023-03-12	2023-03-25
Pretty URL embed.tawk.to/5fb6212e920fc91564c878d5/default IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:29:36 Last Seen2023-03-25 22:34:58 Times Seen3 Hash ea748e85b2d4a89f92772fce27f75849 1b31040bac374a793a267aef8854f6cc1e32d9d0 a395d84b41b17365cceea9e375b5a8d356627db5d71cd79ebaa55db2d0e7d72a Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js	17 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen71 Hash 2aa8e4d8fcf9760a324a8b2e7902f6ca c7ddf3bed7920c5970f812b9e4771dd238ad688b e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js	74 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen69 Hash b931365947ecaea657544f82994716af a1104369fe02f29d54aee7a1c429998e8bb2a6ae d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7 Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	444 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash 01258ae5f79f5dcce31f69917dfed7dd 0205e6e39442e9e5b16e78d1de06b6cfb6c0181f f81b1372d9c184fb58e80b5f453667a309324c22ede4b1be3062ef25194cb0ea Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	161 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash e6a962ba8067999f575b9cd4ecdbe69a 2505272224e7a954eac72aa64cfdc8feb1d8fadb a58c7ea33eade156c7dbaab987f870cb1c22fe2d0590711f85f35555e2c85ceb Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	900 B	2023-03-12	2023-03-26
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:29:36 Last Seen2023-03-26 14:40:24 Times Seen2 Hash de80a5a1c6270ab457fee75ad5584638 135f2759586faac7586f2348e746de3608799221 477e66968bfe02bf8577bd4a96462173e06cd3ab06320f3adbc9d95b371aa067 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-14	2023-10-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:30:04 Last Seen2023-10-19 02:58:15 Times Seen11 Hash 467eb094cd171743fc97afdaa813ee31 e3c70cc60cc406293f2eefbadeebc1791942632f dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js	121 B	2023-03-07	2024-04-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-26 01:36:27 Times Seen45925 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js	16 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen71 Hash d9f3d1c4504d77c3e7c2e3e2f126fd9b 42baf889b87715cca0f7de5211de4e5d4164b89a 87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b Loading...

	clatid.io/assets/js/aos.js	14 kB	2023-03-07	2024-04-25
Pretty URL clatid.io/assets/js/aos.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:30 Last Seen2024-04-25 23:26:46 Times Seen1704 Hash aa20b6e0418d20fb86b071e670b2b207 e38950c1bce65e9f048e305b3567ff90a0c923e3 dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js	196 kB	2023-03-12	2023-11-18
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-11-18 22:03:40 Times Seen90 Hash 385105148a50079bafff97e9c9476109 558ea15aa711b8f2501237fa286ec104db90fbf2 e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7 Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	392 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash 0c038e946467b187f4d6dad3dbead365 47046fd17c1bb6bebd4684881a337e9f106a4612 6737c6183f6a9ef72fb66616290f95e5678116f6eb2f93180e5a66ff3da141ea Loading...

HTTP Transactions (57)

	URL	IP	Response	Size
	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 378d97dfed95fd35bca9d8699e56151a 46f96f400be9e5208ccbad84540a7855c9994bef b86917bafe1d5d6f762dbbe5af0b906ce61e505539b5fe2a1e49b09d500a90c6 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B86917BAFE1D5D6F762DBBE5AF0B906CE61E505539B5FE2A1E49B09D500A90C6" Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10100 Expires: Tue, 21 Feb 2023 01:30:28 GMT Date: Mon, 20 Feb 2023 22:42:08 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 97d7dde89cca188d19690d7bf759d034 7ec36525c8b5e8e278f0c5f26da3316687d89041 f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8" Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3985 Expires: Mon, 20 Feb 2023 23:48:33 GMT Date: Mon, 20 Feb 2023 22:42:08 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash b44c4b5daa307a355e7bab1c83c1ca82 dbd14cd873f1dd4502f277b3f51cb7bc8da0c080 fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 20 Feb 2023 21:53:37 GMT content-type: application/json age: 2911 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 48b5fafb12e15fbede4669b549518d50 ee82e527d3c45ebbc1865cd56b93e1be5ac933db 94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5" Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5849 Expires: Tue, 21 Feb 2023 00:19:37 GMT Date: Mon, 20 Feb 2023 22:42:08 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: F8FzkL1EXHZ1k/5/aBXGUs+6PWLmbqRicYdHnz09d4w03SEZHI/QiRgqXlLxAYzuza5NQKByIts= x-amz-request-id: PT0Q2FWM140A829Z x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 via: 1.1 google date: Mon, 20 Feb 2023 21:52:27 GMT age: 2981 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream content-length: 5348 cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	go.m1.advisortohr.com/track/click/SlC9x_G0E5uQGsQGnu0U7pxJLjM/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=58gu4QY_q1zYqp0gxHgloA	96.44.175.237	302 Found	285 B
URL HTTP/1.1 go.m1.advisortohr.com/track/click/SlC9x_G0E5uQGsQGnu0U7pxJLjM/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=58gu4QY_q1zYqp0gxHgloA IP 96.44.175.237:0 ASN #8100 ASN-QUADRANET-GLOBAL File type HTML document, ASCII text Size 285 B (285 bytes) Hash 6419d8f8c278bff78290b59ebccc4069 49e212e6a80b0d98d149ba6ab1921b28cf52f951 988d7b30f6b116a2ce17c5290a1c9f10f307b449e6396649ae93f65dbf3e0689 HTTP Headers GET /track/click/SlC9x_G0E5uQGsQGnu0U7pxJLjM/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=58gu4QY_q1zYqp0gxHgloA HTTP/1.1 Host: go.m1.advisortohr.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 `HTTP/1.1 302 Found Server: nginx/1.18.0 Date: Mon, 20 Feb 2023 22:42:08 GMT Content-Type: text/html; charset=utf-8 Content-Length: 285 Connection: keep-alive location: https://clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 20 Feb 2023 22:42:08 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash 6d06914bcb6130b6c307781d33f4c3a3 a952cabd0af85cde50fcbbd40fc419bdf08b0b0e bba23928229df33c60910d3720dd95e8637609820d8c856c92d30a4fe372e4e8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=161703 Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:08 GMT Etag: "63f3cbe7-116" Expires: Wed, 22 Feb 2023 19:37:11 GMT Last-Modified: Mon, 20 Feb 2023 19:37:11 GMT Server: nginx Content-Length: 278`

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash 6d06914bcb6130b6c307781d33f4c3a3 a952cabd0af85cde50fcbbd40fc419bdf08b0b0e bba23928229df33c60910d3720dd95e8637609820d8c856c92d30a4fe372e4e8 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1 Cache-Control: max-age=161703 Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Etag: "63f3cbe7-116" Expires: Wed, 22 Feb 2023 19:37:12 GMT Last-Modified: Mon, 20 Feb 2023 19:37:11 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 278`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 407d753a19cf29f7e27cbabf2541ca22 fe7158003086e2aeef7a0260d3d3ec1146c75279 01c56979cebd97e7d0f83354f75f2772a502d6e41d1e49852d37bb997b23afd0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	826 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 826 B (826 bytes) Hash 94b84a37f780f2130ef911ac7b1950cd dd701f86b814c764363e5aeb09fee104f04b6eeb cd597371a147f44077c58f64f6ae66996fdb884b5afbbc4a8b476b897ae84497 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "95FBDA97FA8888818F8105D6EBEBAEE20F4C1891D6B082FD504C2EC94F4D2E91" Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8528 Expires: Tue, 21 Feb 2023 01:04:17 GMT Date: Mon, 20 Feb 2023 22:42:09 GMT Connection: keep-alive`

	www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V	142.250.74.40	200 OK	77 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19467) Size 77 kB (77338 bytes) Hash ab03b09362a74c074a42ef91c973722e 2cf14b45ef648e9b7b84f2e6e060b9572bc08dcd 0f6ac040aa04569a1cf62ab4f54e7c16bd5fc7d8f6003da8bd557e980f2f0a2f HTTP Headers `GET /gtag/js?id=G-FG42PV0X3V HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 20 Feb 2023 22:42:09 GMT expires: Mon, 20 Feb 2023 22:42:09 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 77338 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 791e968cee662a01bec431c498be07a0 5c71afdd7015734d07be2df1ad79e28ef1646ae2 6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93cef9f2eb211432473c352a470795d4 4b33962b10cd73cabd05b5faa46a97e97ee57b48 95fbda97fa8888818f8105d6ebebaee20f4c1891d6b082fd504c2ec94f4d2e91 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "95FBDA97FA8888818F8105D6EBEBAEE20F4C1891D6B082FD504C2EC94F4D2E91" Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8528 Expires: Tue, 21 Feb 2023 01:04:17 GMT Date: Mon, 20 Feb 2023 22:42:09 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 791e968cee662a01bec431c498be07a0 5c71afdd7015734d07be2df1ad79e28ef1646ae2 6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 791e968cee662a01bec431c498be07a0 5c71afdd7015734d07be2df1ad79e28ef1646ae2 6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	2.7 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 2.7 kB (2710 bytes) Hash 95c30fe8c0584d4c0036d6f86ee07212 88332f7e95f5ad3fc3c593c2030634f216414bd2 56b69c50da2df9b910845aa08104770a7293da5c13c554f8aa2520d7ed14695e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	849 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 849 B (849 bytes) Hash 9270a656bc87a3dfb59149b611d6e694 04d160327076f4b4ee9fb2988d853d56c0dbe8eb 3cb519e6c47f79d6be161466a321a5aa78dcc52f6ae940b6e60b2c5e4fd0b295 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 94d194d4728ee415fb180610c25cb8cb 9b6a935fd24c43f427d6377d2d278592dcbcb372 cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577" Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4937 Expires: Tue, 21 Feb 2023 00:04:26 GMT Date: Mon, 20 Feb 2023 22:42:09 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 20 Feb 2023 21:51:26 GMT age: 3043 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Rubik:wght@400;500;700;900&family=Ubuntu:wght@400;500;700&display=swap	142.250.74.106	200 OK	1.6 kB
URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700;900&family=Ubuntu:wght@400;500;700&display=swap IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 1.6 kB (1558 bytes) Hash c83cdcf712eeb29fc2b54fbaa386a51b 975d7e5fb68f074d1c06bd491d4f630d9c241900 c816366b0d6ec5b2fedb218fcb27c09714c7f517fd71c218fde2cc97147c87b0 HTTP Headers `GET /css2?family=Rubik:wght@400;500;700;900&family=Ubuntu:wght@400;500;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 20 Feb 2023 22:42:09 GMT date: Mon, 20 Feb 2023 22:42:09 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash eb6812b24009877ada00df19070fefe5 4968938416cd623d3bb66bfe9f9eae61d85e033e 7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash eb6812b24009877ada00df19070fefe5 4968938416cd623d3bb66bfe9f9eae61d85e033e 7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash eb6812b24009877ada00df19070fefe5 4968938416cd623d3bb66bfe9f9eae61d85e033e 7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash eb6812b24009877ada00df19070fefe5 4968938416cd623d3bb66bfe9f9eae61d85e033e 7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,600,700	142.250.74.106	200 OK	32 kB
URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,600,700 IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 32 kB (31620 bytes) Hash cfc500a8f426605ea2465b72f25644b2 bc8e00505030bfb2b28d4643fed3ed9b0061c40c 09b28d78ef79002ae32742c185b41ba09cb327f2fa16919331acec39f3aacd9d HTTP Headers `GET /css?family=Montserrat:300,300i,400,400i,500,600,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 20 Feb 2023 22:42:09 GMT date: Mon, 20 Feb 2023 22:42:09 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2	216.58.207.227	200 OK	55 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type data Size 55 kB (54852 bytes) Hash b83d264b3baad20828848a655489c1bb 68aa7e660dce528951829dfb01aa45d2cac962cc 970f2d13a17ed2fcb1bc0f777d722970caf8db8348ad901a0c31139b1f6cbedf HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7816 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 14 Feb 2023 02:42:37 GMT expires: Wed, 14 Feb 2024 02:42:37 GMT cache-control: public, max-age=31536000 age: 590372 last-modified: Wed, 27 Apr 2022 16:11:40 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2	216.58.207.227	200 OK	30 kB
URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data Size 30 kB (30480 bytes) Hash 0e7e5f9d3a8ef121149827180b790b5c 0e9f9333078e5df9245630ff6f68ba1d9da3c403 e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c HTTP Headers `GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30480 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Feb 2023 12:57:43 GMT expires: Thu, 15 Feb 2024 12:57:43 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:04:03 GMT content-type: font/woff2 age: 467066 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2	216.58.207.227	200 OK	34 kB
URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data Size 34 kB (34112 bytes) Hash c21e7acd53a6d80fa451f1af92d9a492 4096e12b96fa2549e4f169044a49b6ec60214008 6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd HTTP Headers `GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 34112 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Feb 2023 17:30:28 GMT expires: Fri, 16 Feb 2024 17:30:28 GMT cache-control: public, max-age=31536000 last-modified: Wed, 07 Dec 2022 18:11:50 GMT content-type: font/woff2 age: 364301 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2	216.58.207.227	200 OK	32 kB
URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data Size 32 kB (31760 bytes) Hash fda4d0b623999af43148ba34c3b1ff73 ca5496af89720cc3e94e6279132f252b7cd471a6 33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38 HTTP Headers `GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 31760 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 18 Feb 2023 10:20:31 GMT expires: Sun, 18 Feb 2024 10:20:31 GMT cache-control: public, max-age=31536000 age: 217298 last-modified: Mon, 11 Jul 2022 18:54:16 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2	216.58.207.227	200 OK	7.9 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Size 7.9 kB (7884 bytes) Hash 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f HTTP Headers `GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7884 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 20 Feb 2023 04:05:31 GMT expires: Tue, 20 Feb 2024 04:05:31 GMT cache-control: public, max-age=31536000 age: 66998 last-modified: Wed, 27 Apr 2022 17:03:52 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	unpkg.com/swiper@6.2.0/swiper-bundle.min.css	104.16.123.175	200 OK	12 kB
URL HTTP/2 unpkg.com/swiper@6.2.0/swiper-bundle.min.css IP 104.16.123.175:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (13425) Size 12 kB (12030 bytes) Hash 8b176ff438273ff46a716c7ff5eefbb3 59a101f5f8543951d4310ef9c84171caed525d00 28c4be5a6aebb466069e8a6878deb620937ccd4ad8c6e95c2ae57414a5f79f57 HTTP Headers `GET /swiper@6.2.0/swiper-bundle.min.css HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:09 GMT content-type: text/css; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"3571-KdIeCc9LyEtELLuICwCrVgE4iKk" via: 1.1 fly.io fly-request-id: 01G0WJWY1H04DM2V5ET2SE8E2Q-fra cf-cache-status: HIT age: 26706165 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0f74ddfb4eb-OSL content-encoding: br X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash eb6812b24009877ada00df19070fefe5 4968938416cd623d3bb66bfe9f9eae61d85e033e 7c35cb57ce31c8bbccb9d0e234e637266398316ca114f69bbe6e2c306b5e0cd0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash b510c08b72e922bbb9b68c74ca9c44b5 85950fbdb09c57b3531f401c3dc72b5a27f8d552 5abeebb812ed9b46fc3ac98fb948b151fa922c8f2a4ac99a60e6b561cbfaa586 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4364 Cache-Control: max-age=157752 Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Etag: "63f3ab6d-1d7" Expires: Wed, 22 Feb 2023 18:31:21 GMT Last-Modified: Mon, 20 Feb 2023 17:18:37 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471`

	connect.facebook.net/en_US/fbevents.js	157.240.200.14	200 OK	28 kB
URL HTTP/2 connect.facebook.net/en_US/fbevents.js IP 157.240.200.14:0 ASN #32934 FACEBOOK File type ASCII text, with very long lines (64348) Size 28 kB (27843 bytes) Hash be5a1814429d0a129322abda3791987f 9e0eeee65e17a9c6df149ed1f01d3d7194833fd8 75afa897dd6f4b97b0697589569c7c4f87e32b79addf981febc78a4ff741210e HTTP Headers `GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: ExPlkrn1LfBOgcx9vZjvslgyv8oesNrtApmlWcpxTI1ZCihu9K8D7mfQGYzqF8ttetNjpVHe1G1tvQBROBxbWA== content-length: 27843 x-fb-trip-id: 1679558926 date: Mon, 20 Feb 2023 22:42:09 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash b510c08b72e922bbb9b68c74ca9c44b5 85950fbdb09c57b3531f401c3dc72b5a27f8d552 5abeebb812ed9b46fc3ac98fb948b151fa922c8f2a4ac99a60e6b561cbfaa586 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4364 Cache-Control: max-age=157752 Content-Type: application/ocsp-response Date: Mon, 20 Feb 2023 22:42:09 GMT Etag: "63f3ab6d-1d7" Expires: Wed, 22 Feb 2023 18:31:21 GMT Last-Modified: Mon, 20 Feb 2023 17:18:37 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471`

	push.services.mozilla.com/	54.187.102.159	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.187.102.159:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Ss5k9BuAhFmVqfjg/mS/rw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: iwgdmREIU1pgm8cRQ3jpbU+BtPE=`

	www.facebook.com/tr/?id=176102314131786&ev=PageView&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_campaign%3D432%26utm_content%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&rl=&if=false&ts=1676932930361&sw=1280&sh=1024&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676932930359.466824509&it=1676932930037&coo=false&rqm=GET	157.240.200.35	200 OK	0 B
URL HTTP/2 www.facebook.com/tr/?id=176102314131786&ev=PageView&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_campaign%3D432%26utm_content%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&rl=&if=false&ts=1676932930361&sw=1280&sh=1024&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676932930359.466824509&it=1676932930037&coo=false&rqm=GET IP 157.240.200.35:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tr/?id=176102314131786&ev=PageView&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_campaign%3D432%26utm_content%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&rl=&if=false&ts=1676932930361&sw=1280&sh=1024&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676932930359.466824509&it=1676932930037&coo=false&rqm=GET HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/plain access-control-allow-origin: access-control-allow-credentials: true strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-length: 0 server: proxygen-bolt alt-svc: h3=":443"; ma=86400 date: Mon, 20 Feb 2023 22:42:10 GMT X-Firefox-Spdy: h2`

	region1.google-analytics.com/g/collect?v=2&tid=G-FG42PV0X3V&gtm=45je32f0&_p=976249184&cid=1690469353.1676932930&ul=en-us&sr=1280x1024&_s=1&sid=1676932929&sct=1&seg=0&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_campaign%3D432%26utm_content%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&dt=IRS%20Releases%20New%202023%20Forms%20W-4%2C%20W-4R%20And%20Publications%2015%20%26%2015-T&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1	216.239.32.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FG42PV0X3V&gtm=45je32f0&_p=976249184&cid=1690469353.1676932930&ul=en-us&sr=1280x1024&_s=1&sid=1676932929&sct=1&seg=0&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_campaign%3D432%26utm_content%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&dt=IRS%20Releases%20New%202023%20Forms%20W-4%2C%20W-4R%20And%20Publications%2015%20%26%2015-T&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-FG42PV0X3V&gtm=45je32f0&_p=976249184&cid=1690469353.1676932930&ul=en-us&sr=1280x1024&_s=1&sid=1676932929&sct=1&seg=0&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_campaign%3D432%26utm_content%3DSlC9x_G0E5uQGsQGnu0U7pxJLjM%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&dt=IRS%20Releases%20New%202023%20Forms%20W-4%2C%20W-4R%20And%20Publications%2015%20%26%2015-T&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://clatid.io date: Mon, 20 Feb 2023 22:42:10 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3cb7960c629af2d4a5325cec8696f40b eb04e882f528f56fc09206f741d490a4b091a6dd df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0" Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2444 Expires: Mon, 20 Feb 2023 23:22:55 GMT Date: Mon, 20 Feb 2023 22:42:11 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3cb7960c629af2d4a5325cec8696f40b eb04e882f528f56fc09206f741d490a4b091a6dd df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0" Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2444 Expires: Mon, 20 Feb 2023 23:22:55 GMT Date: Mon, 20 Feb 2023 22:42:11 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab351cbb-a2e7-4cfc-98c1-27b050c4a953.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab351cbb-a2e7-4cfc-98c1-27b050c4a953.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5892 bytes) Hash 95fbadd2b80d0475dfdab31719d3d287 1d07fbe47cad3030280bf032685987ac5bdf020d fea40980c06d9598417d890087a43d675fba5b241b7c5657f69ad11ab9139ba5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab351cbb-a2e7-4cfc-98c1-27b050c4a953.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5892 x-amzn-requestid: 05cb8c26-2885-4ef2-a72d-08da53420531 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AhfZRFjnIAMFaIQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63f07907-62c57cb50dad629c103a6a2b;Sampled=0 x-amzn-remapped-date: Sat, 18 Feb 2023 07:06:47 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 3uIyEK55ISeEr64Dvuc2T32_rOFF27oM0WXnvTfIODeN43S_gL2_hA== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Mon, 20 Feb 2023 07:32:10 GMT age: 54601 etag: "1d07fbe47cad3030280bf032685987ac5bdf020d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp	34.120.237.76	200 OK	117 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type gzip compressed data, from Unix\012- data Size 117 kB (117196 bytes) Hash 0447c4a87bbd7e0680b6a8860b3e69a4 b8a0fa042b51236dccb2fbcc99b545eeaa98bd1b 098f9194dd214b8bf75d9ced5a729764e64078e9dd97cc963fd7d8c77cfcb548 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6879 x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ANnahEWgIAMFwYg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0 x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Mon, 20 Feb 2023 15:01:26 GMT age: 27645 etag: "87917d3cf520d73b7b1029f44505e7700413d51d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js	104.22.25.131	200 OK	71 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (65464) Size 71 kB (71447 bytes) Hash dd0f91c32280d50e545a56105e0e0785 ddc40505f96aa7dfb8bade01006ab3d1f37c0b75 f3df13a2fa5dd804c0c69205e08c93c8bbc908cbe75bb73e0f16bfc9188e2fb3 HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:10 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"70dac54eca3bb2143032bc4db3237623" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0fefce30afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js	104.22.25.131	200 OK	49 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65466) Size 49 kB (49295 bytes) Hash 13adef6db602b6849fb35f038267abba 6b48c7ccdd33b232ea3f60c3185ceee0b01d9b05 e4e71c653dc887a3269d422effde3927c8c65452b06a3116f576fb261ff13943 HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:10 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"385105148a50079bafff97e9c9476109" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0fefce60afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js	104.22.25.131	200 OK	4.2 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with no line terminators Size 4.2 kB (4238 bytes) Hash 2e5601ae7b005dda3dbcd8a4afe8ae27 d4e1e816325e68114c50e513fec96ca6b3ba8a4e 16968ff2fdd2ce8ecd6ab5266ced866f9d9aeb0701f6f443ecb0d866fcbaddd5 HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:10 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"da5bb1dc647470204df0e49f5afac2de" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0feecd30afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cd4fbee-8eae-4308-9cc0-885fef5cbfc1.gif	34.120.237.76	200 OK	46 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cd4fbee-8eae-4308-9cc0-885fef5cbfc1.gif IP 34.120.237.76:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 296 x 148\012- data Size 46 kB (45521 bytes) Hash fe9decbee7c293c45a657f489964041f 04efd208a90c04eeea4920a04baabaff18624f89 031836ab1af10d8bcd644ad93e3eeab999efd7cc3b654f3f69b144656ba1598a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cd4fbee-8eae-4308-9cc0-885fef5cbfc1.gif HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 45521 x-amzn-requestid: 539ccaa9-b3c2-4720-8121-77962d40e3c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AUT2dFvwIAMFcig= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eb335c-5914dc324bad492d48299dc0;Sampled=0 x-amzn-remapped-date: Tue, 14 Feb 2023 07:08:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 9lh0JPLe_pev6F9ZJsVqA-Uvq_fNOHy9qJ_itW_tuWV1Fc55OM_PhA== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sun, 19 Feb 2023 22:45:52 GMT etag: "04efd208a90c04eeea4920a04baabaff18624f89" content-type: image/gif age: 86179 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js	151.101.129.229	200 OK	65 kB
URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP 151.101.129.229:0 ASN #54113 FASTLY File type data Size 65 kB (65224 bytes) Hash 6f0eaad2eb8458cfface61e5a43f4828 aa06b785546e619a75b4c96b1f86d327fa6fd72b db98999ec838e63141988364906c2a804f1811d70972f4c564914beac3add1fe HTTP Headers `GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload content-type: application/javascript; charset=utf-8 etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" content-encoding: gzip accept-ranges: bytes date: Mon, 20 Feb 2023 22:42:11 GMT age: 29079288 x-served-by: cache-fra19156-FRA, cache-bma1650-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 53889 X-Firefox-Spdy: h2

	ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4	104.18.20.226	200 OK	1.5 kB
URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1462 bytes) Hash 199d6ef0990ba148c216adf8f3f89440 29a4a8745d1768bc23a97a6b553f07503fe7efe3 18d6ada7ed7e55a3547d73e7febf01f16162967c4432f2df968421648b73cf7f HTTP Headers `POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 20 Feb 2023 22:42:11 GMT Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive Etag: "D485D80FD91A8C0CDD5336CBB8F7EA7CBB088900" Expires: Tue, 21 Feb 2023 09:00:00 GMT Last-Modified: Mon, 20 Feb 2023 21:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 1395 Vary: Accept-Encoding Server: cloudflare CF-RAY: 79cac1081c300b49-OSL`

	unpkg.com/aos@2.3.1/dist/aos.css	104.16.123.175	200 OK	0 B
URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.css IP 104.16.123.175:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /aos@2.3.1/dist/aos.css HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:09 GMT content-type: text/css; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Thu, 17 May 2018 22:11:13 GMT etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA" via: 1.1 fly.io fly-request-id: 01G754J040XBCARD93ACQA76A4-fra cf-cache-status: HIT age: 19976602 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0f74ddbb4eb-OSL content-encoding: br X-Firefox-Spdy: h2

	cdn.quilljs.com/1.3.6/quill.snow.css	216.24.57.3	200 OK	0 B
URL HTTP/2 cdn.quilljs.com/1.3.6/quill.snow.css IP 216.24.57.3:0 ASN #397273 RENDER File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1.3.6/quill.snow.css HTTP/1.1 Host: cdn.quilljs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:09 GMT content-type: text/css; charset=utf-8 cf-ray: 79cac0f7fa8db515-OSL access-control-allow-origin: * age: 232 cache-control: public, max-age=604800 etag: W/"9b536bda67650c506df72197baec4c01" last-modified: Tue, 16 Mar 2021 22:22:46 UTC vary: Accept-Encoding cf-cache-status: HIT x-content-type-options: nosniff server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Poppins:300,400,500,600,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 20 Feb 2023 22:42:09 GMT date: Mon, 20 Feb 2023 22:42:09 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:10 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"7dcb496e4882926f93f2e73fa87062c0" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0fefce20afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	188.114.96.1	200 OK	0 B
URL HTTP/2 clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_campaign=432&utm_content=SlC9x_G0E5uQGsQGnu0U7pxJLjM&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 HTTP/1.1 Host: clatid.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:09 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.4.26 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=1bbqni6080v62udoth9cb8bgii; path=/ vary: Accept-Encoding,User-Agent cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQbmiIZ7spj8QvhYvfF2LIelGz%2B5ukTHZWYh7KblPSZdCFh1tM4hNwJ1Rd2pVn5A4oDqPx%2FZ%2BY3g2mqL1h3bHKKJWnk%2FhFxHoDpqVr1VWU8uz9RlbbBMwhdJweU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 79cac0f5be97b503-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/5fb6212e920fc91564c878d5/default	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/5fb6212e920fc91564c878d5/default IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /5fb6212e920fc91564c878d5/default HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:10 GMT content-type: application/x-javascript access-control-allow-origin: * cache-control: public, max-age=7200, s-maxage=3600 etag: W/"stable-v4-63b77dcd282" vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0fa18cd0afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 20 Feb 2023 22:42:10 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 79cac0ff0ceb0afa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Josefin+Sans:300,300i,400,400i,600,600i,700,700i	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Josefin+Sans:300,300i,400,400i,600,600i,700,700i IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Josefin+Sans:300,300i,400,400i,600,600i,700,700i HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 20 Feb 2023 22:42:09 GMT date: Mon, 20 Feb 2023 22:42:09 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML