Report - flowcode.com/p/TB0ikmgLN?fc=0

Report Overview

Submitted URL
flowcode.com/p/TB0ikmgLN?fc=0
IP
104.18.31.101
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-14 19:09:21
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Microsoft

Detections

urlquery
1
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	508 B	7.2 kB	104.17.25.14
flowcode.com	71563	2017-04-21T23:20:38Z	2023-03-11T03:59:04Z	818 B	1.6 kB	104.18.31.101
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	483 B	24 kB	69.16.175.10
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-10T13:32:40Z	1.0 kB	1.9 kB	104.18.10.207
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	343 B	700 B	142.250.74.35
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	433 B	1.8 kB	142.250.74.10
capitalwesthomecontract.s3.us-west-004.backblazeb2.com	unknown			1.0 kB	883 kB	149.137.129.254
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-10T15:05:48Z	430 B	31 kB	216.58.211.10
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	56 kB	34.120.237.76
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-10T09:31:27Z	436 B	917 B	104.18.10.207
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	2.8 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.149.219.22
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-26
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 22:55:05 Times Seen137276 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html	204 kB	2023-03-08	2024-01-14
Pretty URL capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html IP 149.137.129.254 ASN #40401 BACKBLAZE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:39:53 Last Seen2024-01-14 14:44:58 Times Seen26 Hash 125e9c7026daba9b87bbc1954ada15a1 1e862dca89017c7a778077a2376734b7bc529232 7afab3adfaf6ba094421d35465d23e6c593a03b51b812db11c51ee737afda6d6 Loading...

	capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html	3.6 kB	2023-03-11	2023-03-11
Pretty URL capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html IP 149.137.129.254 ASN #40401 BACKBLAZE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:03:19 Last Seen2023-03-11 12:03:19 Times Seen1 Hash 6750f42915cd6e5f2e0808b66aff6e75 6c61f7b6780cf8d031e148ce5023dcbc505a3ee8 727de5029c2f55b0e14c90434a1a3a325cd56922b28dc0eff3ca48780805dc24 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-26 22:55:05 Times Seen106617 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-26
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 23:21:50 Times Seen244872 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-26 22:55:05 Times Seen111975 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 23:21:50 Times Seen384932 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

HTTP Transactions (34)

	URL	IP	Response	Size
	flowcode.com/p/TB0ikmgLN?fc=0	104.18.31.101	301 Moved Permanently	0 B
URL HTTP/1.1 flowcode.com/p/TB0ikmgLN?fc=0 IP 104.18.31.101:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /p/TB0ikmgLN?fc=0 HTTP/1.1 Host: flowcode.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Mon, 14 Nov 2022 19:09:09 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Mon, 14 Nov 2022 20:09:09 GMT Location: https://flowcode.com/p/TB0ikmgLN?fc=0 Server-Timing: cf-q-config;dur=7.9999954323284e-06 Vary: Accept-Encoding Set-Cookie: __cf_bm=rHNW21N0vm9wqfBhiniaFoZDWmj2LsvB.sHKplHITzY-1668452949-0-AWwNXoYS9L2lOD+QCvqU937/Qy5VvRqkEQ3s55XXHlGEISST1pqzNY0TlPutZFiHiql2D0iqTlnrYhI+b7xzq+4=; path=/; expires=Mon, 14-Nov-22 19:39:09 GMT; domain=.flowcode.com; HttpOnly; SameSite=None _cfuvid=PaVGfsfHiUv.jrsH8JQLD6tp4RMCrlNGr6Ax6610O3A-1668452949965-0-604800000; path=/; domain=.flowcode.com; HttpOnly Server: cloudflare CF-RAY: 76a20a392928fac4-OSL

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7786cd9bd97e024b3a1d16215defaad2 786ddbb74b0b6bd9270622dbe0258d6caee407c1 9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0" Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2350 Expires: Mon, 14 Nov 2022 19:48:20 GMT Date: Mon, 14 Nov 2022 19:09:10 GMT Connection: keep-alive`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 832aecaba9f06ee2d39d4d4bea65f13c 7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3218 Cache-Control: max-age=144945 Content-Type: application/ocsp-response Date: Mon, 14 Nov 2022 19:09:10 GMT Etag: "637218f5-1d7" Expires: Wed, 16 Nov 2022 11:24:55 GMT Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8c15cef160d1514fc977ed4c4e97086c ffe4ce3199658a1fc7a45d1607df40ef3911621d db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A" Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5004 Expires: Mon, 14 Nov 2022 20:32:34 GMT Date: Mon, 14 Nov 2022 19:09:10 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	34.102.187.140	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4736bac84ca28f2b1e961159fb4ea098 1319612979f53896fcfeacd4215c2715d4951e4c 5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 14 Nov 2022 18:44:34 GMT cache-control: public,max-age=3600 content-type: application/json age: 1476 alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: 7GqhLUGhR02vmSZ3T3ZPm1YZzOk//GoRnB+cAcHnnYjMJfFvDhvN0xgpWodTpYUKNO8940WUYAc= x-amz-request-id: 0WTAYHQZE34AKY06 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 14 Nov 2022 18:51:13 GMT age: 1077 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 14 Nov 2022 19:09:10 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 81e78142eb5b67b012555c7262456f25 593fe469b3d2ea3e0899d620ce66fc0a6388b755 2926f10485fe2e246816aa1e5d83358f3b0f35d25f62149b0190dba323a3d6b6 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2926F10485FE2E246816AA1E5D83358F3B0F35D25F62149B0190DBA323A3D6B6" Last-Modified: Sat, 12 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6349 Expires: Mon, 14 Nov 2022 20:54:59 GMT Date: Mon, 14 Nov 2022 19:09:10 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	34.102.187.140	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 14 Nov 2022 18:44:48 GMT cache-control: public,max-age=3600 age: 1462 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 3200044057cb585f1a435c0efece61c8 8305d5b5891288aa9996b4b4ca6fce2265413194 df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4541 Cache-Control: max-age=141211 Content-Type: application/ocsp-response Date: Mon, 14 Nov 2022 19:09:11 GMT Etag: "63720535-1d7" Expires: Wed, 16 Nov 2022 10:22:42 GMT Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.35	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.35:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash b2d6aeeb303eaefc4cc6900e30da3b1b 4c3c027013211aa1b987006d0eb6c72f18c6a657 f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Nov 2022 19:09:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Open+Sans:600	142.250.74.10	200 OK	1.1 kB
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:600 IP 142.250.74.10:0 ASN #15169 GOOGLE File type data Size 1.1 kB (1075 bytes) Hash efa743868469b1ca5d83015ca15be2d2 82eaa4322621a7239f04ab177b608c477f194ef9 af38cc495f47bdd44173cbf8b3f3d4dd7a07b9ee26a95810804e9067e7d4c231 HTTP Headers `GET /css?family=Open+Sans:600 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 14 Nov 2022 19:09:11 GMT date: Mon, 14 Nov 2022 19:09:11 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	push.services.mozilla.com/	54.149.219.22	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.149.219.22:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: t6JGdViGNkkpUA8rXs6KjA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: GZpfN4pJqprlydsDukWRqZKSesA=`

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 34f976ad436e17a2aa284b0a9fb9f6fa ef6eef563d855b72ea08c1046974f5cc7894461a d69ba01e7d7a7f201542e43a9fe53b0661c65f2b8d489aa4672aa567fecf6db2 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4443 Cache-Control: max-age=133573 Content-Type: application/ocsp-response Date: Mon, 14 Nov 2022 19:09:11 GMT Etag: "6371e7c1-117" Expires: Wed, 16 Nov 2022 08:15:24 GMT Last-Modified: Mon, 14 Nov 2022 07:01:21 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 279`

	capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html	149.137.129.254	200	882 kB
URL HTTP/1.1 capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html IP 149.137.129.254:0 ASN #40401 BACKBLAZE File type HTML document text\012- HTML document, ASCII text, with very long lines (49885), with CRLF line terminators Size 882 kB (882331 bytes) Hash bd18095ef009f855849b04af921143e3 b693574b47cae36ea83ab9ea73f97c6138461c28 ed2bd4b47f7e541aa4a931d0fe0e812eeea5950464a000e24cb9c1919645eeb6 HTTP Headers GET /capital+westhomes+proposal/proposal.html HTTP/1.1 Host: capitalwesthomecontract.s3.us-west-004.backblazeb2.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/1.1 200 Accept-Ranges: bytes Last-Modified: Mon, 14 Nov 2022 15:46:29 GMT ETag: "bd18095ef009f855849b04af921143e3" x-amz-meta-src_last_modified_millis: 1668103359689 x-amz-request-id: 84185dab145b2968 x-amz-id-2: aMikxFmWjMG8yxTVCZFUz1DZgZi80CDbu x-amz-version-id: 4_z32915eb0d2157d63864f0416_f1090db069c123b2c_d20221114_m154629_c004_v0402000_t0044_u01668440789834 Content-Type: text/html Content-Length: 882331 Date: Mon, 14 Nov 2022 19:09:10 GMT Keep-Alive: timeout=5 Connection: keep-alive`

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	104.17.25.14	200 OK	6.2 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (19015) Size 6.2 kB (6157 bytes) Hash 7b4114faa411d059a9a5ac4b5b4d9dee 277da4486916fa3a4ab3375f47bc98f58dbf90f6 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9 HTTP Headers `GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 14 Nov 2022 19:09:11 GMT content-type: application/javascript; charset=utf-8 content-length: 6157 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03fa9-4af4" last-modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 265494 expires: Sat, 04 Nov 2023 19:09:11 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A8%2BROUJhVVppcB%2FI7zukupkgqSgGvZC3uA%2BSisVOfCa9MwUgyN%2BU0i5LkcUKVAGgUd4gPqMUSazPA%2FHpIbnmYffI0F1j5UEuj3k%2FoUTScltWYWX97wT7RSLL%2BiERwmR37HzaqjF"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 76a20a452f7ab50c-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 34f976ad436e17a2aa284b0a9fb9f6fa ef6eef563d855b72ea08c1046974f5cc7894461a d69ba01e7d7a7f201542e43a9fe53b0661c65f2b8d489aa4672aa567fecf6db2 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4443 Cache-Control: max-age=133573 Content-Type: application/ocsp-response Date: Mon, 14 Nov 2022 19:09:11 GMT Etag: "6371e7c1-117" Expires: Wed, 16 Nov 2022 08:15:24 GMT Last-Modified: Mon, 14 Nov 2022 07:01:21 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 279`

	code.jquery.com/jquery-3.2.1.slim.min.js	69.16.175.10	200 OK	24 kB
URL HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10:0 ASN #20446 STACKPATH-CDN File type ASCII text, with very long lines (32012) Size 24 kB (23856 bytes) Hash 30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0 HTTP Headers `GET /jquery-3.2.1.slim.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 14 Nov 2022 19:09:11 GMT content-encoding: gzip content-length: 23856 content-type: application/javascript; charset=utf-8 last-modified: Fri, 12 Aug 2022 13:47:02 GMT accept-ranges: bytes server: nginx etag: W/"62f659d6-10fdd" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1668452951.dop206.sk1.t,1668452951.cds260.sk1.hn,1668452951.cds235.sk1.c X-Firefox-Spdy: h2`

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	216.58.211.10	200 OK	30 kB
URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.211.10:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (32065) Size 30 kB (30028 bytes) Hash 6d973c8b7e2439d958e09c0a1ab9fe50 05ae0830200c20b9a2dfd5a825adc400481a60fb f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894 HTTP Headers `GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 11 Nov 2022 02:19:26 GMT expires: Sat, 11 Nov 2023 02:19:26 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 age: 319785 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	capitalwesthomecontract.s3.us-west-004.backblazeb2.com/favicon.ico	149.137.129.254	404	137 B
URL HTTP/1.1 capitalwesthomecontract.s3.us-west-004.backblazeb2.com/favicon.ico IP 149.137.129.254:0 ASN #40401 BACKBLAZE File type XML 1.0 document text\012- XML document, ASCII text Size 137 B (137 bytes) Hash 6d33936199285d83ba585e6971af4c4c 5c01f6bf2d9e155daa6ca22931432592ab87b88b ea2c3fae4cff55a6bf253d466b93e75b1208eb023c39eef8f79f8e3b7e66e2e8 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: capitalwesthomecontract.s3.us-west-004.backblazeb2.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 404 x-amz-request-id: e1f6832aefeb4b9d x-amz-id-2: aMs4x7WWJMIoyHTXYZHoz4zZZZlc0dDb6 Cache-Control: max-age=0, no-cache, no-store Content-Type: application/xml Content-Length: 137 Date: Mon, 14 Nov 2022 19:09:11 GMT Keep-Alive: timeout=5 Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 929d046b7cbed155022099e982ba0592 18ff58f5b4d98748552d6604bdcba9c57eb8f412 3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9" Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6607 Expires: Mon, 14 Nov 2022 20:59:19 GMT Date: Mon, 14 Nov 2022 19:09:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 929d046b7cbed155022099e982ba0592 18ff58f5b4d98748552d6604bdcba9c57eb8f412 3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9" Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6607 Expires: Mon, 14 Nov 2022 20:59:19 GMT Date: Mon, 14 Nov 2022 19:09:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 929d046b7cbed155022099e982ba0592 18ff58f5b4d98748552d6604bdcba9c57eb8f412 3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9" Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6607 Expires: Mon, 14 Nov 2022 20:59:19 GMT Date: Mon, 14 Nov 2022 19:09:12 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 929d046b7cbed155022099e982ba0592 18ff58f5b4d98748552d6604bdcba9c57eb8f412 3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9" Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6607 Expires: Mon, 14 Nov 2022 20:59:19 GMT Date: Mon, 14 Nov 2022 19:09:12 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7494 bytes) Hash dfc7286992b2cebdf1ebb58f85576e61 a49a1bf9716e32979810931d04d1f84216d096c1 7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7494 x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bd8heGBtoAMFYQA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0 x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Mon, 14 Nov 2022 03:14:47 GMT age: 57265 etag: "a49a1bf9716e32979810931d04d1f84216d096c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg	34.120.237.76	200 OK	9.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.9 kB (9921 bytes) Hash ac5583760066002adcbba078f6dd1be4 39ca30395586cf1a0a0fa739f7279af807f548a3 cb5986e3330858716cd290297a81d77e371b838637fc57eece94810211715a7c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9921 x-amzn-requestid: 933f6aa6-3bec-4f71-aba8-ef9e77942ae9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bjycgGB-oAMFsDQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6371644f-47d26359464b62b7276316e6;Sampled=0 x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:31 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 9DG6rCPdRRiHKrAVXztWJwZlUYYCb893lXH8YDzEMGSEUbeaVkABWw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Sun, 13 Nov 2022 22:04:26 GMT age: 75886 etag: "39ca30395586cf1a0a0fa739f7279af807f548a3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg	34.120.237.76	200 OK	6.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.5 kB (6535 bytes) Hash a0db3498954921b58948ad8a4e7fd49f 6b618c3ff6e589f9e01650bd0a619acb70d8004e fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6535 x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bjyDtHbhoAMFSsg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0 x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google date: Sun, 13 Nov 2022 22:01:14 GMT age: 76078 etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg	34.120.237.76	200 OK	9.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.3 kB (9322 bytes) Hash 6f1e763f44800e4de06d69a3b2af74da 35afe48832221fe42de30260b9bcb15867109031 5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9322 x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bjyDvE8DoAMFsiw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0 x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 6eUvvtJ48e5eRUJffmsuc9-blgv2dHt-Lsemnf-i8mLQ9CpY0Y94sQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google date: Sun, 13 Nov 2022 22:13:29 GMT age: 75343 etag: "35afe48832221fe42de30260b9bcb15867109031" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11715 bytes) Hash cd5bdc050716bb76afe8090fc81617e7 5109c156b180727767fc03c411190ccc0d3fb5fc 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11715 x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bdMhUHkpIAMFfJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0 x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Sun, 13 Nov 2022 21:52:43 GMT age: 76589 etag: "5109c156b180727767fc03c411190ccc0d3fb5fc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg	34.120.237.76	200 OK	5.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.1 kB (5149 bytes) Hash 31a009393081c25d9afbde558a278ebf bf8de6c00f579baa320456bd0e79ab80978008bc 90e81f6a10d3dbc56a45e9cfd65dbcd6bddf9e3ab526b4cca270bc2f26404950 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5149 x-amzn-requestid: f9b58134-4474-4ba5-bc90-368568c30eb4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bNaeqGAZoAMF9Ww= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6368712a-4f7bbb4743f15dc2471fba0c;Sampled=0 x-amzn-remapped-date: Mon, 07 Nov 2022 02:44:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: R-wKxHkN3mhPg5hGlsMSmENk1tERrZrO83Ohro0OmuKUQ5bC2tgTiw== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Mon, 14 Nov 2022 08:14:40 GMT age: 39272 etag: "bf8de6c00f579baa320456bd0e79ab80978008bc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css	104.18.10.207	200 OK	0 B
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Mon, 14 Nov 2022 19:09:11 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"450fc463b8b1a349df717056fbb3e078" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 08/20/2022 02:36:43 cdn-proxyver: 1.02 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 601 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: a110de6191893a215319236faff8dedb cdn-cache: HIT cf-cache-status: MISS strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 76a20a446b15b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	104.18.10.207	200 OK	0 B
URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 14 Nov 2022 19:09:11 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:06 GMT cdn-cachedat: 11/15/2021 23:30:00 cdn-proxyver: 1.0 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 723 cdn-status: 200 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-requestid: a35b0179a28ed953258d0fb41376a09c cdn-cache: HIT cf-cache-status: HIT age: 11496799 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 76a20a452aca1c16-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	104.18.10.207	200 OK	0 B
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com Connection: keep-alive Referer: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Mon, 14 Nov 2022 19:09:11 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 08/20/2022 02:32:25 cdn-proxyver: 1.02 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 601 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 9734d33b73362d9eb4d5de8e109e63c9 cdn-cache: HIT cf-cache-status: MISS strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 76a20a44fbf1b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	flowcode.com/p/TB0ikmgLN?fc=0	104.18.30.101	302 Found	0 B
URL HTTP/2 flowcode.com/p/TB0ikmgLN?fc=0 IP 104.18.30.101:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /p/TB0ikmgLN?fc=0 HTTP/1.1 Host: flowcode.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 302 Found date: Mon, 14 Nov 2022 19:09:10 GMT content-type: text/html; charset=utf-8 location: https://capitalwesthomecontract.s3.us-west-004.backblazeb2.com/capital+westhomes+proposal/proposal.html expires: Thu, 01 Jan 1970 00:00:00 UTC pragma: no-cache strict-transport-security: max-age=2592000; includeSubDomains; preload cf-cache-status: DYNAMIC set-cookie: __cf_bm=AHm5awTXC9x42qHs6rXv5NTHVfeMZr6b4ckNMjW2GPs-1668452950-0-Acep5ee0j18lfDDXy8XdCkrZIEJVAnJLUoYLVd9PmlKm3JFT1m+yXmL6mO4BEBigYLLWk+z1yxbHqTe6U26lnWU=; path=/; expires=Mon, 14-Nov-22 19:39:10 GMT; domain=.flowcode.com; HttpOnly; Secure; SameSite=None _cfuvid=8hfvliZ33tNnJYbiubgxIb0K7Ywf5V09MgCfDsjUjzk-1668452950449-0-604800000; path=/; domain=.flowcode.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 76a20a3b6e2ffab4-OSL X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL HTTP/1.1

IP

ASN

File type

Size