r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15904
Expires: Sun, 12 Mar 2023 12:15:22 GMT
Date: Sun, 12 Mar 2023 07:50:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 99824e6e553dd5649b1d199589a6dab2
00b2c24f6ef22620045c3b2ef7a63ea9ac8cc0a2
3a4695284040436fd256023da7d39bab8b16f8a2d4f7105c0f995f610dcab2d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A4695284040436FD256023DA7D39BAB8B16F8A2D4F7105C0F995F610DCAB2D2"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3096
Expires: Sun, 12 Mar 2023 08:41:54 GMT
Date: Sun, 12 Mar 2023 07:50:18 GMT
Connection: keep-alive
talansbs.com/http:/talansbs.com/?p=92%27;
23.229.220.229 301 Moved Permanently 0 B URL HTTP/1.1 talansbs.com/http:/talansbs.com/?p=92%27;
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /http:/talansbs.com/?p=92%27; HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Mar 2023 07:09:12 GMT
content-type: application/json
age: 2466
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 33723bd3cb2d70f8f86442863df61ec1
ee9f60025e885c09ff570c4e8f641bcc25ff83f0
dc794aeea289e16c4f217e2e3379cc434b6071badbf9ab6d64884707eafee538
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC794AEEA289E16C4F217E2E3379CC434B6071BADBF9AB6D64884707EAFEE538"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Sun, 12 Mar 2023 10:39:20 GMT
Date: Sun, 12 Mar 2023 07:50:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Hu3DjSxHZL/yXkxDbjZ+qm/LaMymjB7B5YxYjlixJPqQqFsyrwIVpNguP5iSIwCTwSQcJS5zZTA=
x-amz-request-id: EXHZXXGPEX7HYS0K
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Mar 2023 07:19:36 GMT
age: 1842
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 07:50:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
talansbs.com/small-business/is-overfunding-holding-you-back/
23.229.220.229 200 OK 8.0 kB URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1403), with CRLF, LF line terminators
Hash ea6bd024b550b6d4cbd448f6459169bd
9e45afa669034e0f7c16df8e1b4695d8ec90f7ad
62ceddc03f39f66b969f2d6ed8d79ced2f70534f487938aaff9aeb160892d3ae
Analyzer Verdict Alert fortinet Malware
GET /small-business/is-overfunding-holding-you-back/ HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Link: <http://wp.me/p1E8mN-1u>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7998
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
platform.twitter.com/widgets.js?ver=3.6
93.184.220.66 200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js?ver=3.6
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js?ver=3.6 HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 786
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 12 Mar 2023 07:50:18 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
s.gravatar.com/js/gprofiles.js?ver=2023Maraa
192.0.73.2 200 OK 7.4 kB URL HTTP/1.1 s.gravatar.com/js/gprofiles.js?ver=2023Maraa
IP 192.0.73.2:0
File type ASCII text, with very long lines (24043), with no line terminators
Hash b94596ffc2746c0e33c2039215531592
6a6fde47cda13c98489c70905c18b815910d1c4d
4e98be196118a9cd8e66c910fae42a8a45d6781f360996eadc691263d6193462
GET /js/gprofiles.js?ver=2023Maraa HTTP/1.1
Host: s.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 07:50:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 11:48:47 GMT
ETag: W/"6323111f-5deb"
Content-Encoding: gzip
Expires: Sun, 19 Mar 2023 07:50:18 GMT
Cache-Control: max-age=604800
s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202310
192.0.77.32 200 OK 3.2 kB URL HTTP/1.1 s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202310
IP 192.0.77.32:0
File type ASCII text, with very long lines (2788)
Hash 844b0e2ae8eba4159dd5edd8efbde50c
757861da25bea58b1bc03203f65ae93673cfc065
ef84d445c23339e2c3742857d7e020c89d639f1ddc434b6f6a585ac9907bbb92
GET /wp-content/js/devicepx-jetpack.js?ver=202310 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 07:50:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c066eb1-52b6"
Content-Encoding: gzip
Expires: Mon, 04 Mar 2024 23:59:47 GMT
Cache-Control: max-age=31536000
X-ac: 4.arn _dca MISS
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-nc: HIT arn 1
cdn.wibiya.com/Toolbars/dir_0862/Toolbar_862127/Loader_862127.js?ver=3.6
188.114.96.1 301 Moved Permanently 244 B URL HTTP/1.1 cdn.wibiya.com/Toolbars/dir_0862/Toolbar_862127/Loader_862127.js?ver=3.6
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 649e5855d0179b9929070c5c19859e81
bbecd8e3f922a2c118717c2ddcf2e5a39361c877
68ca7309190a7a96832234b18d279960a5806f6a3ab9a641d323c1b193569707
GET /Toolbars/dir_0862/Toolbar_862127/Loader_862127.js?ver=3.6 HTTP/1.1
Host: cdn.wibiya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:18 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.tealdit.com/toolbar/v1.js
Cache-Control: max-age=2678400
CF-Cache-Status: HIT
Age: 126
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tInaMlIidFsXAsD0%2FX6tBkJXjLliV10OKcleuqP4rq0n7Tp3HS0shbrC4%2FSha7KvT65cfrKMnCiZ%2FDTkjoieQdozOlo488sCkFXBaOLUStocShkfiQsDHtYt%2FVVxOA89YA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a6a720fa888fac0-OSL
alt-svc: h2=":443"; ma=60
apis.google.com/js/plusone.js?ver=3.6
172.217.21.174 200 OK 21 kB URL HTTP/1.1 apis.google.com/js/plusone.js?ver=3.6
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 1eb3db7a5eb87f9d75294ef8872f77a9
acfbf73b2bb7a9cdee3e14b864166c4363ce0ecf
a73a1977494fbcda1e304d48c0c8eb831418334a117270408e04cfecaefbdf11
GET /js/plusone.js?ver=3.6 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 21023
Date: Sun, 12 Mar 2023 07:50:18 GMT
Expires: Sun, 12 Mar 2023 07:50:18 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "0fc9cb8ed4f547b2"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
stats.wordpress.com/e-202310.js
192.0.78.26 301 Moved Permanently 162 B URL HTTP/1.1 stats.wordpress.com/e-202310.js
IP 192.0.78.26:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e-202310.js HTTP/1.1
Host: stats.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 07:50:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://stats.wordpress.com/e-202310.js
X-ac: 3.arn _dca BYPASS
talansbs.com/wp-content/themes/talanThemever3/script.js
23.229.220.229 200 OK 2.1 kB URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/script.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash d84911a5c89c989273713f1d3f8a7731
35073377101e6502602d01e3ff903c95d70ccf88
49e5d2dd4042804c2d21a34dfe408a84d7c8d81f31fd4029dc0a55bd588f2f7d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/talanThemever3/script.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "73083cd-1bf7-5ce4314f0a840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2144
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.tealdit.com/toolbar/v1.js
104.21.72.39 301 Moved Permanently 0 B URL HTTP/1.1 www.tealdit.com/toolbar/v1.js
IP 104.21.72.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /toolbar/v1.js HTTP/1.1
Host: www.tealdit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://talansbs.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 12 Mar 2023 08:50:18 GMT
Location: https://www.tealdit.com/toolbar/v1.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AslBEeE3zm1Y1ctRMyXPRQkr3fIn0AN6F4uDGVcdCAUeQIsMiQ2JhFTysWJ59qrI0ZvJB00Wc0vdySP5%2FyNvqWfM70qcm0QJcut9aEBNBxhWmLDj%2BUB%2FDKzCaq7xc4KXgHI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a6a72101808b500-OSL
alt-svc: h2=":443"; ma=60
twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
104.244.42.129 301 Moved Permanently 0 B URL HTTP/1.1 twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
IP 104.244.42.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4 HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
perf: 7626143928
location: https://twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
cache-control: no-cache, no-store, max-age=0
content-length: 0
x-transaction-id: 67b2fc93db9974c0
x-response-time: 102
x-connection-hash: b21faeec40355639344187a8adb5db42b8263a94a923def8c9ee03afc6b0e85f
date: Sun, 12 Mar 2023 07:50:18 GMT
server: tsa_o
twitter.com/javascripts/blogger.js
104.244.42.129 301 Moved Permanently 0 B URL HTTP/1.1 twitter.com/javascripts/blogger.js
IP 104.244.42.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /javascripts/blogger.js HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
perf: 7626143928
location: https://twitter.com/javascripts/blogger.js
cache-control: no-cache, no-store, max-age=0
content-length: 0
x-transaction-id: a9ca48f888b1918d
x-response-time: 111
x-connection-hash: 10f41e8f053f88c2f5ddc5cc9fde74b954354d30c62e5fbd06d608046acad385
date: Sun, 12 Mar 2023 07:50:18 GMT
server: tsa_o
talansbs.com/Scripts/swfobject_modified.js
23.229.220.229 404 Not Found 18 kB URL HTTP/1.1 talansbs.com/Scripts/swfobject_modified.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (354), with CRLF, LF line terminators
Hash 03a58ca593e3dc6cd7711aab9b372190
bf50a8e192df4299dda8c72a6b854bd19ae34527
198208def6f837b65bd7055d83ff33296897713c4d36348cc33442c1eb1421e4
Analyzer Verdict Alert fortinet Malware
GET /Scripts/swfobject_modified.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27 200 OK 3.1 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a922a85370305f446f0f4d9f93f08fd1
e5b1f86ef876aa216a0c3625a036920ebb71dccf
69c16bd8fe058825b5532bd6d52475b2f48d251e93b3cf858abc52ee8f8c2b69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C910268B5C4F0244540C5570056673F8CBE4A0979F301363CB56DC359C147DF"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18038
Expires: Sun, 12 Mar 2023 12:50:56 GMT
Date: Sun, 12 Mar 2023 07:50:18 GMT
Connection: keep-alive
talansbs.com/wp-content/plugins/the-events-calendar/resources/events.css?ver=1.6.5
23.229.220.229 200 OK 1.6 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/the-events-calendar/resources/events.css?ver=1.6.5
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash a94fc862b1ced5ebbeb60219e46f2662
1a765fda845d5a56b02d76bad3c8f583172f2ead
4a7db9bdae5db200bc4cd65765d797050bb92682e35aa94fae4b923f3e195e9f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/the-events-calendar/resources/events.css?ver=1.6.5 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:59:50 GMT
ETag: "7307b50-13f7-5ce4314c2e180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1578
Keep-Alive: timeout=5
Content-Type: text/css
talansbs.com/wp-content/themes/talanThemever3/style.css
23.229.220.229 200 OK 4.6 kB URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/style.css
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 85222d22e94a5e3f72619c7016164634
8825a824f0316fb335c576d9116820cd036c243c
8e4135c9b2c423f0bfdee0d395f56c612f1c0e818db92cba818e03e35d56e866
GET /wp-content/themes/talanThemever3/style.css HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "7308401-5ecf-5ce4314f0a840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4637
Keep-Alive: timeout=5
Content-Type: text/css
talansbs.com/wp-content/plugins/contact-form-7/styles.css?ver=2.4.5
23.229.220.229 200 OK 400 B URL HTTP/1.1 talansbs.com/wp-content/plugins/contact-form-7/styles.css?ver=2.4.5
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 0525b8a257e977b19e38c2bf6cf898cd
0330002b2730a97cd366746adedc53f09f7c09ad
f1cf0e958cf7fad69c47b43e67e86a02ba31a33505e0bb05c14bed3459b6df0a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/styles.css?ver=2.4.5 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306494-3b7-5ce4314398d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 400
Keep-Alive: timeout=5
Content-Type: text/css
talansbs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
23.229.220.229 200 OK 3.1 kB URL HTTP/1.1 talansbs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7085), with CRLF line terminators
Hash be877782551a115e6da253d62cc3a6b2
b06a56238dcc28a6343c66d41aab3ad12a9c4f08
aba99fe4bef6b2ef9f9f0824e9dbdf7dede23e22a98b2305820c1f25a37e7380
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:59 GMT
ETag: "7306ddc-1c20-5ce43154c35c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3068
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
23.229.220.229 200 OK 33 kB URL HTTP/1.1 talansbs.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32072)
Hash ce6939bfb13a25fa5801c2c6773df836
eb5b20e0308645fde063a0bf2abf80f71e655376
ef66e613025d34884307f2403837ab0cb0c2b5d94efbf5c73ff066538359adfb
GET /wp-includes/js/jquery/jquery.js?ver=1.10.2 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:59:59 GMT
ETag: "7306e02-16bc8-5ce43154c35c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32815
Keep-Alive: timeout=5
Content-Type: application/javascript
ocsp.digicert.com/
192.229.221.95 200 OK 313 B IP 192.229.221.95:0
Hash 9f836c90894013645293d67efbd4faf6
28668c7ecfd0aaa5d55e97494ffbf17062d92db2
9389307e5d85a70937cc031b7b0b18b214087ffdd6920217804dc5e1e84e8085
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3136
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:19 GMT
Etag: "640c71a7-139"
Last-Modified: Sun, 12 Mar 2023 06:58:03 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
192.229.221.95 200 OK 313 B IP 192.229.221.95:0
Hash 9f836c90894013645293d67efbd4faf6
28668c7ecfd0aaa5d55e97494ffbf17062d92db2
9389307e5d85a70937cc031b7b0b18b214087ffdd6920217804dc5e1e84e8085
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:19 GMT
Last-Modified: Sun, 12 Mar 2023 06:59:30 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 313
talansbs.com/wp-content/plugins/the-events-calendar/resources/events.js?ver=3.6
23.229.220.229 200 OK 380 B URL HTTP/1.1 talansbs.com/wp-content/plugins/the-events-calendar/resources/events.js?ver=3.6
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash 1a6b36720f26b53b2c4b895541fed55b
ab6a73019e1acb1a2b960f09777a63232423c595
c6f2965f3711560332e6e5b87522d305f98d196f0fc01776e882eb94a70c30ce
GET /wp-content/plugins/the-events-calendar/resources/events.js?ver=3.6 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:50 GMT
ETag: "7307b57-2af-5ce4314c2e180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 380
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-content/plugins/greybox-integrator/greybox/AJS.js
23.229.220.229 200 OK 3.7 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/AJS.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash 665a74221b6dd5f5eeeb8714e3c4da9e
125f56b3f2c46ae0f1969f23e5e5da549507be80
8aa29c29ae3d032afdf02f3e2291716280bfe15931b0b3a74b2d21fcc5103457
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/greybox-integrator/greybox/AJS.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306809-289c-5ce4314398d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3723
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-content/plugins/greybox-integrator/greybox/AJS_fx.js
23.229.220.229 200 OK 1.2 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/AJS_fx.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash d7181ef24963660fe106808523a21d73
edaf2dbb2541570f8763607f1eb5026bcbf8dde3
d0fef73305ab3e0731f2cc3d5ff878c0b1afa0efee2e621394c2542be5730583
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/greybox-integrator/greybox/AJS_fx.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "730680d-c78-5ce4314398d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1171
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-content/plugins/greybox-integrator/greybox/gb_styles.css
23.229.220.229 200 OK 691 B URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/gb_styles.css
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash e44371cbee87f6d7872eeb8e2ee8ec55
901747eb653544679d2696fa122ba73a1b310d86
da2c444c38e1029b5daa82a607e3cb17633306cf8c54ba2328c59cb68dcc0e6e
GET /wp-content/plugins/greybox-integrator/greybox/gb_styles.css HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "730681d-8fe-5ce4314398d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 691
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
talansbs.com/wp-content/plugins/greybox-integrator/greybox/gb_scripts.js
23.229.220.229 200 OK 3.3 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/gb_scripts.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash 3fabbc047315f1f54a2c22feaeaf0368
a8d8d88b347dee2c85b9076bdf20afb369590015
a752f9a30e993d5d7b31d7c8b57b9ea6f55c1fcf14466a5959a0ddb8777d22bc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/greybox-integrator/greybox/gb_scripts.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306818-2e84-5ce4314398d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3332
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.6
23.229.220.229 200 OK 445 B URL HTTP/1.1 talansbs.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.6
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash 0a7cd236d1029d69fb43ccce748c15fc
61b536b847d0e90d9e55603937eae40105076ab5
6eb1807cd95750ef9944332dbb8fcb3431ff7e9af86fd44d383e72edf5ca5b09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.6 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:46 GMT
ETag: "7306fd1-3a2-5ce431485d880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 445
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_scr.js
23.229.220.229 404 Not Found 18 kB URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_scr.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (354), with CRLF, LF line terminators
Hash f3ee9e77e1e8c72f7f9f755da8aa6a0a
3f66dc62b0b3dd8c7e5276c923447bba901fdc1e
7b9d38783159a7b225925308102fd207284ee5f409cbda5721f7dd8046559c76
Analyzer Verdict Alert fortinet Malware
GET /small-business/is-overfunding-holding-you-back/TalanPopupMenu_scr.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.163.190.146 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.190.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f+WM0RO9lNzUu/cCak6oIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 84AQb5YvPbQxac1aZaAUrP3y7Zc=
talansbs.com/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52
23.229.220.229 200 OK 8.3 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash e51f5d668b5864e866d57e5c4e3b204d
32516fc35d6a73c78e48d67ff192787f4046589d
1d7259f45ea9bca5b2e750179f88f36fefe62ed5b4aefa8f96b6f15ceb70d0d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:40 GMT
ETag: "7306464-5e58-5ce43142a4b00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8297
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-content/plugins/twitter-facebook-google-plusone-share/tfg_style.css?ver=3.6
23.229.220.229 200 OK 187 B URL HTTP/1.1 talansbs.com/wp-content/plugins/twitter-facebook-google-plusone-share/tfg_style.css?ver=3.6
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 30816eefa3830bb86805d6923840212d
4dbe4972be8dd588d1f79c987776a649ec5a0645
b866497aff195f890db34c5dd7ca1507a5b93e6374a8cfcb67f32aab7ad5dd9b
GET /wp-content/plugins/twitter-facebook-google-plusone-share/tfg_style.css?ver=3.6 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:50 GMT
ETag: "7307abe-169-5ce4314c2e180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
talansbs.com/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.5
23.229.220.229 200 OK 1.6 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.5
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 3fcc7381a1a66e108de8ce3fb191c2c3
2d428338fa8aa348d114e78e31b1a79d031c4538
70cbc8f3ecbb54d43d45890068ffc9ae0d52a928ff4ca4989a250f2b6daa1989
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/scripts.js?ver=2.4.5 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306481-16aa-5ce4314398d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1586
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
talansbs.com/wp-content/plugins/author-box-1/authorbox.css?ver=3.6
23.229.220.229 200 OK 282 B URL HTTP/1.1 talansbs.com/wp-content/plugins/author-box-1/authorbox.css?ver=3.6
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 7b54cde01512444ba805987192bf5573
2cbf42f40180878b7319a0f45efa098d328349ed
30d52240c68378fe55204a407b0f379db0ff25cf4c8d4840ea10e1cd69aeee4b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/author-box-1/authorbox.css?ver=3.6 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:39 GMT
ETag: "7306413-258-5ce43141b08c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 282
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
talansbs.com/AddItems/menuend.png
23.229.220.229 200 OK 798 B URL HTTP/1.1 talansbs.com/AddItems/menuend.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 82 x 37, 8-bit colormap, non-interlaced\012- data
Hash 480efa55c26f7b59be02bf0751f4de29
fe1eebd3bd386bcbd69b1bd356eda407c5690ef6
ebd3b63f60129d4caa1072a260dc4dfb7a5955025c0a88351d9fc449aae36a3c
GET /AddItems/menuend.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:57:02 GMT
ETag: "730019a-31e-5ce430abf6780"
Accept-Ranges: bytes
Content-Length: 798
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
talansbs.com/wp-content/themes/talanThemever3/images/PostDateIcon.png
23.229.220.229 200 OK 275 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/PostDateIcon.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 17 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash af5d486fa05b196bdd418b306554dbc0
c1ef3ba5798f9a0644d9fa3f2c401ee9efa786f5
77daa92902495effcc6ce882aab6191084141500e2bb3caa75f1a205bc9066fa
GET /wp-content/themes/talanThemever3/images/PostDateIcon.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "7308479-113-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 275
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
talansbs.com/wp-content/uploads/2011/01/Talan-Web-Ads3-173x300.jpg
23.229.220.229 200 OK 18 kB URL HTTP/1.1 talansbs.com/wp-content/uploads/2011/01/Talan-Web-Ads3-173x300.jpg
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 173x300, components 3\012- data
Hash 2bbcbd3b611efc5e0ce6fb1f223a3898
071a8352a7ac9a8475a4fa2481fef83a56496449
c38d98d6f17f77f219545c2bf87e7b2c29ac0ee9a007b3e9a362ed341fc39c0f
GET /wp-content/uploads/2011/01/Talan-Web-Ads3-173x300.jpg HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:56 GMT
ETag: "7308359-470b-5ce43151e6f00"
Accept-Ranges: bytes
Content-Length: 18187
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.talansbs.com/Additems/twittericon.png
23.229.220.229 301 Moved Permanently 0 B URL HTTP/1.1 www.talansbs.com/Additems/twittericon.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Additems/twittericon.png HTTP/1.1
Host: www.talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://talansbs.com/Additems/twittericon.png
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
talansbs.com/wp-content/themes/talanThemever3/images/Sheet-s.png
23.229.220.229 200 OK 861 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/Sheet-s.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash ecf491502eaf3df82df13441a1da3066
a52db183470808f660940d7d9f11421644e16bc7
265652c5adeee11ebd184fd1a49ee3d38d3442e63e346687ed204ab6108bf685
GET /wp-content/themes/talanThemever3/images/Sheet-s.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "7308496-35d-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 861
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
talansbs.com/wp-content/themes/talanThemever3/images/Sheet-h.png
23.229.220.229 200 OK 314 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/Sheet-h.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 50 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f638cf9e18a8be1a3a0bdccd1ea6bd6
62fe5d12ea776b8e63feddef52746f8cf85ece0f
310a4e21656a7cad601dace6bee044715f37c848e23045474c3451fd17ba94f9
GET /wp-content/themes/talanThemever3/images/Sheet-h.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "7308491-13a-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 314
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
talansbs.com/wp-content/themes/talanThemever3/images/Page-BgTexture.jpg
23.229.220.229 200 OK 86 kB URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/Page-BgTexture.jpg
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2100x768, components 3\012- data
Hash 70be4b332799d6d0de56e0106abe835d
eeaf0af3058d896c46c70ef3d4dd016a8e92b39d
9e9bffbc7b2ebce2cc65e626c36ed90df28dd2783bac0cb245efe17838eff789
GET /wp-content/themes/talanThemever3/images/Page-BgTexture.jpg HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:52 GMT
ETag: "7308462-1513b-5ce4314e16600"
Accept-Ranges: bytes
Content-Length: 86331
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
talansbs.com/wp-content/themes/talanThemever3/images/Sheet-v.png
23.229.220.229 200 OK 314 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/Sheet-v.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 18e5a7827fff5029b4df7239761b4031
05cdd9f9d413e7e560550028de77d7449af1d4a4
87105665389bc87d03e5497c023ec899368fecbc94d69c4727212ff2bea451fc
GET /wp-content/themes/talanThemever3/images/Sheet-v.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "730849c-13a-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 314
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
twitter.com/javascripts/blogger.js
104.244.42.129 200 OK 32 kB URL HTTP/2 twitter.com/javascripts/blogger.js
IP 104.244.42.129:0
Hash 08851468c0125619584dd78d26dd7a98
6cd0028fcc440465e3312ea07a6a208e07f247fd
2a29854b154c2c98eb9e90e64900b432c5d3b14e83065a38a5e73e3ff1d0c6ea
GET /javascripts/blogger.js HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:19 GMT
perf: 7626143928
expiry: Tue, 31 Mar 1981 05:00:00 GMT
pragma: no-cache
server: tsa_o
set-cookie: guest_id=v1%3A167860741921819014; Max-Age=34214400; Expires=Thu, 11 Apr 2024 07:50:19 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
ct0=; Max-Age=-1678607418; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 12 Mar 2023 07:50:19 GMT
x-frame-options: DENY
x-transaction-id: 5a480a755b2e9029
x-xss-protection: 0
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://aa.twitter.com https://caps.twitter.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://app.link https://api2.branch.io https://bnc.lt wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ https://iframe.arkoselabs.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com 
https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://app.link https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'nonce-MTk1YTRjZjktMjBmNS00ZGEyLTk2NTYtMTI3YmRlNDIzMDVj'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
strict-transport-security: max-age=631138519
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none
content-encoding: gzip
x-response-time: 131
x-connection-hash: 095a2aad8a6268d95c1ec0f2546e5263e4b8c6574981261491250ff55658660f
X-Firefox-Spdy: h2
talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_scr.js
23.229.220.229 404 Not Found 18 kB URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_scr.js
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (354), with CRLF, LF line terminators
Hash bcbda77fb027a5e33d11a45264ccfc2a
3bfa628f252589fe4a7d96c1bb41073444c2f2f7
8ad05ec1afb07e226b01828a4151c88ff6c4a61015fe7390139dc958f26803c1
Analyzer Verdict Alert fortinet Malware
GET /small-business/is-overfunding-holding-you-back/TalanPopupMenu_scr.js HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
talansbs.com/wp-content/themes/talanThemever3/images/Sheet-c.png
23.229.220.229 200 OK 259 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/Sheet-c.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d31258d43c7b9b75b2656ddd0c749e1
f79ff53989885634e2dd816d349a24b448ea87d2
acbabf534ccdbdf8e562dc59fcb672083e4a02b960e0bdd3218d865455e83987
GET /wp-content/themes/talanThemever3/images/Sheet-c.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "730848b-103-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 259
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
twitter.com/javascripts/blogger.js
104.244.42.129 301 Moved Permanently 0 B URL HTTP/1.1 twitter.com/javascripts/blogger.js
IP 104.244.42.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /javascripts/blogger.js HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
perf: 7626143928
location: https://twitter.com/javascripts/blogger.js
cache-control: no-cache, no-store, max-age=0
content-length: 0
x-transaction-id: 6f4a9084bc7f3880
x-response-time: 106
x-connection-hash: b21faeec40355639344187a8adb5db42b8263a94a923def8c9ee03afc6b0e85f
date: Sun, 12 Mar 2023 07:50:19 GMT
server: tsa_o
talansbs.com/wp-content/themes/talanThemever3/images/MenuItem.png
23.229.220.229 200 OK 1.3 kB URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/MenuItem.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 400 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash 166ac9fc7b2d6fc43670c7e23515b07d
a1da7a4bdf0284398c31dece95483f6382544bfe
f5fdb32924af68a50bae4cccaf5268b5cfe5b4bc188d2b6c3cc7644509a63e71
GET /wp-content/themes/talanThemever3/images/MenuItem.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:52 GMT
ETag: "7308453-50f-5ce4314e16600"
Accept-Ranges: bytes
Content-Length: 1295
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
talansbs.com/wp-content/themes/talanThemever3/images/spacer.gif
23.229.220.229 200 OK 43 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/spacer.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /wp-content/themes/talanThemever3/images/spacer.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "73084b4-2b-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
talansbs.com/wp-content/themes/talanThemever3/images/subitem-bg.png
23.229.220.229 200 OK 138 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/subitem-bg.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 1 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 1aef5ad7ec77499f495ddf5beaef6604
b6b49611ab03f65fba0e0a7693b3da553791bb53
f233bb6c5f9651c83cf57507f6055b967e0752abceb14ae4bde737269eb0a30e
GET /wp-content/themes/talanThemever3/images/subitem-bg.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "73084b9-8a-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 138
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
104.244.42.129 301 Moved Permanently 0 B URL HTTP/1.1 twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
IP 104.244.42.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4 HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
perf: 7626143928
location: https://twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
cache-control: no-cache, no-store, max-age=0
content-length: 0
x-transaction-id: 2d613fbe003a88bb
x-response-time: 106
x-connection-hash: 10f41e8f053f88c2f5ddc5cc9fde74b954354d30c62e5fbd06d608046acad385
date: Sun, 12 Mar 2023 07:50:20 GMT
server: tsa_o
twitter.com/javascripts/blogger.js
104.244.42.129 200 OK 475 B URL HTTP/2 twitter.com/javascripts/blogger.js
IP 104.244.42.129:0
Hash 5b1fd2326108183eb3457dc1c30ce007
23745df7c041c301b8036df9e40ce7a68e1be5de
4f421dd9a927547b60a3fbcfbce1b32a7163a85bce87492d217268f09fb86f0e
GET /javascripts/blogger.js HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:20 GMT
perf: 7626143928
expiry: Tue, 31 Mar 1981 05:00:00 GMT
pragma: no-cache
server: tsa_o
set-cookie: guest_id=v1%3A167860742006846067; Max-Age=34214400; Expires=Thu, 11 Apr 2024 07:50:20 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
ct0=; Max-Age=-1678607419; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 12 Mar 2023 07:50:20 GMT
x-frame-options: DENY
x-transaction-id: fcef846c3f11aac9
x-xss-protection: 0
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://aa.twitter.com https://caps.twitter.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://app.link https://api2.branch.io https://bnc.lt wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ https://iframe.arkoselabs.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com 
https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://app.link https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'nonce-OGQ1YTc0YjAtMTY4Ny00ODFkLWFkOTEtZWRmNDBmN2ZkYTA3'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
strict-transport-security: max-age=631138519
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none
content-encoding: gzip
x-response-time: 132
x-connection-hash: 095a2aad8a6268d95c1ec0f2546e5263e4b8c6574981261491250ff55658660f
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash b61032468a516115ba65d181952db420
40fe36b5cccce0cc31b7a61f57a58ac00e702e9c
9bda57d5c579bf6d973cbbffbd05714f7b5d0338c334a5f356f43ba2d4a2ab27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6086
Cache-Control: max-age=119785
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:20 GMT
Etag: "640c9d5f-1d7"
Expires: Mon, 13 Mar 2023 17:06:45 GMT
Last-Modified: Sat, 11 Mar 2023 15:25:19 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
s.gravatar.com/dist/css/hovercard.min.css?ver=2023Maraa
192.0.73.2 200 OK 1.9 kB URL HTTP/1.1 s.gravatar.com/dist/css/hovercard.min.css?ver=2023Maraa
IP 192.0.73.2:0
File type ASCII text, with very long lines (8069)
Hash 61f9d983eb62bb05ec7a53e0cde1a645
865dac6893de02651a007239581da6e23beb9a88
3d261c73111b3ec277d6d40b15978839ebef180639f76ed698332798b16bbeb3
GET /dist/css/hovercard.min.css?ver=2023Maraa HTTP/1.1
Host: s.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 07:50:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 09:10:35 GMT
ETag: W/"63b3f10b-1f86"
Content-Encoding: gzip
Expires: Sun, 19 Mar 2023 07:50:20 GMT
Cache-Control: max-age=604800
www.facebook.com/plugins/like.php?href=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&layout=box_count&show_faces=false&action=like&font=verdana&colorscheme=light
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&layout=box_count&show_faces=false&action=like&font=verdana&colorscheme=light
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&layout=box_count&show_faces=false&action=like&font=verdana&colorscheme=light HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 9I9xg1c//C+/zEdDbxqzN34KFg8e9W6bR+fmlqIGo0EYNeRxrLMjA6ZLEeCTzDlkoSnwYS1wTQnjZ/KTZTTDWg==
content-length: 0
date: Sun, 12 Mar 2023 07:50:20 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s.gravatar.com/dist/css/services.min.css?ver=2023Maraa
192.0.73.2 200 OK 643 B URL HTTP/1.1 s.gravatar.com/dist/css/services.min.css?ver=2023Maraa
IP 192.0.73.2:0
File type ASCII text, with very long lines (3236)
Hash e3d8ce6d4c0bfed4cbf303bf7a75f0ba
5262fb96cec66c94d099270658ddc908c698917f
792f46a05d6065063fc5d88d603dbe5b94a17826822a074db8b86ffd65d13c51
GET /dist/css/services.min.css?ver=2023Maraa HTTP/1.1
Host: s.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 07:50:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 09:10:35 GMT
ETag: W/"63b3f10b-ca5"
Content-Encoding: gzip
Expires: Sun, 19 Mar 2023 07:50:20 GMT
Cache-Control: max-age=604800
static.addtoany.com/menu/page.js?_=1678607420601
188.114.99.234 301 Moved Permanently 0 B URL HTTP/1.1 static.addtoany.com/menu/page.js?_=1678607420601
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /menu/page.js?_=1678607420601 HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 12 Mar 2023 08:50:20 GMT
Location: https://static.addtoany.com/menu/page.js?_=1678607420601
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7a6a721ace37b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pixel.wp.com/g.gif?v=ext&j=1%3A1.7&blog=24341621&post=92&host=talansbs.com&ref=&fcp=1738&rand=0.7663620900458391
192.0.76.3 200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A1.7&blog=24341621&post=92&host=talansbs.com&ref=&fcp=1738&rand=0.7663620900458391
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A1.7&blog=24341621&post=92&host=talansbs.com&ref=&fcp=1738&rand=0.7663620900458391 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 07:50:20 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 388235f946f2078e7ac12de869b0840b
1fb4f99bbad05a24e6cde4f454b24f1a7b3ab030
3f0e28e92730931c9c0fcd9a27d963e7c7564f41b93a7c7e55f2a47d09dea79e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash b61032468a516115ba65d181952db420
40fe36b5cccce0cc31b7a61f57a58ac00e702e9c
9bda57d5c579bf6d973cbbffbd05714f7b5d0338c334a5f356f43ba2d4a2ab27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6422
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:20 GMT
Last-Modified: Sun, 12 Mar 2023 06:03:18 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Ftalansbs.com
93.184.220.66 200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Ftalansbs.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Ftalansbs.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4010825
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 07:50:20 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Ftalansbs.com&url=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__
172.217.21.174 301 Moved Permanently 226 B URL HTTP/2 apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Ftalansbs.com&url=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__
IP 172.217.21.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Ftalansbs.com&url=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 07:50:20 GMT
expires: Sun, 12 Mar 2023 08:20:20 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 388235f946f2078e7ac12de869b0840b
1fb4f99bbad05a24e6cde4f454b24f1a7b3ab030
3f0e28e92730931c9c0fcd9a27d963e7c7564f41b93a7c7e55f2a47d09dea79e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
talansbs.com/wp-content/themes/talanThemever3/images/PostBullets.png
23.229.220.229 200 OK 216 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/PostBullets.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 7 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 730632458dfe56963eeb62f543842dbd
4822792496fe9ffb9cbb3bfa69f78f6302f8880f
a1b9e567fe8ce5843400f7a2d966d2aee7a5934fa0e43c9e3f84fd9b9fc77ba4
GET /wp-content/themes/talanThemever3/images/PostBullets.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:52 GMT
ETag: "730846b-d8-5ce4314e16600"
Accept-Ranges: bytes
Content-Length: 216
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
talansbs.com/wp-content/themes/talanThemever3/images/Block-v.png
23.229.220.229 200 OK 1.3 kB URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/Block-v.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 14 x 3000, 8-bit/color RGBA, non-interlaced\012- data
Hash 93244ac8aacca0d54cd329a5e794d44d
9adaeba5e8d9f1085cd1cf146f849671d7686eaa
eb514eb7937e27a019e32d9e335cf57ab786439b5a5382c7e6dd6f45b739db6d
GET /wp-content/themes/talanThemever3/images/Block-v.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:52 GMT
ETag: "7308439-534-5ce4314e16600"
Accept-Ranges: bytes
Content-Length: 1332
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Ftalansbs.com&url=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__
172.217.21.174 301 Moved Permanently 226 B URL HTTP/2 apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Ftalansbs.com&url=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__
IP 172.217.21.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Ftalansbs.com&url=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.Oupypiulh58.O%2Fd%3D1%2Frs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 07:50:20 GMT
expires: Sun, 12 Mar 2023 08:20:20 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash ec6311aff40cad7ab34f00d36611b030
cf544610c8266b570673ea252aafe9339f145707
155dc155e18b34ee37d7c61224e421db376a38ac40e6fbf6c2939d8747a01c9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.addtoany.com/menu/modules/core.26680508.js
188.114.99.234 301 Moved Permanently 0 B URL HTTP/1.1 static.addtoany.com/menu/modules/core.26680508.js
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /menu/modules/core.26680508.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://talansbs.com
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 12 Mar 2023 08:50:20 GMT
Location: https://static.addtoany.com/menu/modules/core.26680508.js
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7a6a721bce2ab4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19011
Expires: Sun, 12 Mar 2023 13:07:11 GMT
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
static.addtoany.com/menu/eso.26680508.js
188.114.99.234 301 Moved Permanently 0 B URL HTTP/1.1 static.addtoany.com/menu/eso.26680508.js
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /menu/eso.26680508.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 12 Mar 2023 07:50:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 12 Mar 2023 08:50:20 GMT
Location: https://static.addtoany.com/menu/eso.26680508.js
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7a6a721bef6eb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.33.119.27 200 OK 895 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 52aa6840cc40aa18ab237cdf29f0d157
45f4df2fecce54f0be66491a33a514e8fc1c183f
bdd4d6a667ef18d5e1d69fd09bb037864e72a9f09940cf282ef415721ee1f6ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19011
Expires: Sun, 12 Mar 2023 13:07:11 GMT
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e665056-b1ff-4dc7-b901-397a9f3f3389.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e665056-b1ff-4dc7-b901-397a9f3f3389.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 84547d233db9291b8e2fb5eee1b92683
bb18380c07584b011b8d642d4e4401e0aeb4fae6
aba1c323ca556072319069c496a51e77cb4e85927947ed336e509326fcd961cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e665056-b1ff-4dc7-b901-397a9f3f3389.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6948
x-amzn-requestid: 79dd07a8-a13e-42bd-b26a-7a58a26fc119
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BjaHhGYDoAMFVAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ad6fc-3fc73b5f476846b768e1e36e;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 07:06:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: cqY0B-eOWKDCa4rqMdYKRsGd4OfMfsogHw3-KW7l_A4rioSXWWQEcg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 07:30:41 GMT
age: 1179
etag: "bb18380c07584b011b8d642d4e4401e0aeb4fae6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb5622b-64bb-44a9-ae57-cd90f8333c17.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb5622b-64bb-44a9-ae57-cd90f8333c17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 215253944e7c16879f238738b0fbf474
4846fb7dd877767c913aa2f1a02df39dc7a53da0
e1cfdf434170527599c62e41e745d05c4a1a3359bf59ff7ea6b7ac4630fa0b44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bb5622b-64bb-44a9-ae57-cd90f8333c17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6782
x-amzn-requestid: f174b4ff-b25f-4280-8ade-b081e71a7269
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotvIHO9oAMF1xA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf660-3b09471827484d894f9e73cf;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:45:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3pMyJXUylIzHV8bEu8hF32hd7jEiRZ5f5NO2Ua6EnJdz36PTpjoNUA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:54:11 GMT
age: 35769
etag: "4846fb7dd877767c913aa2f1a02df39dc7a53da0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5dasHBaMZCENF6r8miupz4Jzeqy_tuotsvkcSRgs6AtsrWexauN6SQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:45 GMT
age: 36455
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19011
Expires: Sun, 12 Mar 2023 13:07:11 GMT
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fd5c28821c8bf2d62d0c4332f06bd71
6e2c08457854437b2b851340277d31439e5ab470
86725a37e80a10c5b0b52a10e498225d97565752ec25303cb159a34386a49523
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: b556bc0e-9cf5-4062-9df4-0ccee00cbab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BoswFH5soAMF2SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cd-0ba8e60549c78f9d3b720a20;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFRUOo6vNYBlNXfP-XzizobifYejOdXIuu_bj2owYGiDHDsv1HrMhA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:03:58 GMT
age: 35182
etag: "6e2c08457854437b2b851340277d31439e5ab470"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
talansbs.com/wp-content/themes/talanThemever3/images/MenuSeparator.png
23.229.220.229 200 OK 136 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/MenuSeparator.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 1 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d95d800ecc8f5fafe9f0d83eedc9513
f01a5112a22a0be3aa00890371754e1f13519087
3236a12e6ed86853d54e2c3e2e2986982305f0cc6afd5dc570cce84f9c074d5c
GET /wp-content/themes/talanThemever3/images/MenuSeparator.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:52 GMT
ETag: "730845b-88-5ce4314e16600"
Accept-Ranges: bytes
Content-Length: 136
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19011
Expires: Sun, 12 Mar 2023 13:07:11 GMT
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19011
Expires: Sun, 12 Mar 2023 13:07:11 GMT
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:55 GMT
age: 36445
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_m1_3.gif
23.229.220.229 404 Not Found 8.9 kB URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_m1_3.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Hash 5db3b339e4b70fc095dd040fec470128
45c3d004d6516bb2a947c8e606ce8186d02b1a85
9d9820db44c4731c1846b4e05889f658ebadba554fa82e82b712b5063b5af934
GET /small-business/is-overfunding-holding-you-back/TalanPopupMenu_m1_3.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
talansbs.com/wp-content/themes/talanThemever3/images/BlockContentBullets.png
23.229.220.229 200 OK 263 B URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/BlockContentBullets.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 7 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 536282cfcad39912e8b967a1a1483159
a5bab000b42a04dec1f713f627c6b8b41859c395
045116ad2c61fa11680ae0c44625cee31f0746e7dcb8cc250da88509b4763317
GET /wp-content/themes/talanThemever3/images/BlockContentBullets.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:52 GMT
ETag: "730843e-107-5ce4314e16600"
Accept-Ranges: bytes
Content-Length: 263
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8980abd4-3861-4dc6-92e7-2c13517ad40e.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8980abd4-3861-4dc6-92e7-2c13517ad40e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60c95e46b874e5404fe3d3cc03e60512
2a5c926ca9264e71c52e7a714389ffba9caa7a71
65bfa154efbb8a169f32c8b8cffd31faaacc6daf7b7e4fb2ac655b68e1a8c4e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8980abd4-3861-4dc6-92e7-2c13517ad40e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 42df44a6-6963-4db2-9ab5-534c9883a559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosv8ErJIAMFtfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cc-20f83d8f7715fff50d8977a3;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: UkM0v5LR5xQj0uH3b7UE6XuOq_6xo2ah3kNnFZnQEjFJF4oUXjdS8A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:45 GMT
etag: "2a5c926ca9264e71c52e7a714389ffba9caa7a71"
content-type: image/jpeg
age: 36455
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 313 B IP 192.229.221.95:0
Hash 2d5274e237fda05629b878e3b486d738
c0a7e224ea706cedffcf2a54e4cec119d3c56a95
684e374a9cc925b1063bb03a05983259651cd5aa4d8da5ba38ceae6076d4fee9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 555
Cache-Control: max-age=161412
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:20 GMT
Etag: "640d5595-139"
Expires: Tue, 14 Mar 2023 04:40:32 GMT
Last-Modified: Sun, 12 Mar 2023 04:31:17 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 313
talansbs.com/wp-content/themes/talanThemever3/images/rssIcon.png
23.229.220.229 200 OK 1.2 kB URL HTTP/1.1 talansbs.com/wp-content/themes/talanThemever3/images/rssIcon.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 19 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ba30d0e6792a146e239f38983203d6f
f6ffa47b9fe79fc11788e34b3d8c9bb927d94536
16ce4f8fc6874a33c5dfd02737f38e4c3ff0d07f8f467dde8311a4111fa6880d
GET /wp-content/themes/talanThemever3/images/rssIcon.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/wp-content/themes/talanThemever3/style.css
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 13 Oct 2021 21:59:53 GMT
ETag: "73084ac-497-5ce4314f0a840"
Accept-Ranges: bytes
Content-Length: 1175
Keep-Alive: timeout=5
Content-Type: image/png
developers.google.com/
172.217.21.174 301 Moved Permanently 0 B IP 172.217.21.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://talansbs.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: e1dd1b7842553c64ab3848f7d61eb0fb
Date: Sun, 12 Mar 2023 07:50:20 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
platform.twitter.com/widgets.js
93.184.220.66 200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 788
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 12 Mar 2023 07:50:20 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
talansbs.disqus.com/embed.js?pname=wordpress&pver=2.66
199.232.196.134 301 Moved Permanently 219 B URL HTTP/1.1 talansbs.disqus.com/embed.js?pname=wordpress&pver=2.66
IP 199.232.196.134:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6b22a8f71ae72ac4b781cff49386dfa9
a8e7202517458752851aeb18c9fb770e931fec34
186d5321baf20106cb6361d9ec524b818d876d773a5bd9dd5530ae5889d74be3
GET /embed.js?pname=wordpress&pver=2.66 HTTP/1.1
Host: talansbs.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 219
Server: Varnish
Location: https://talansbs.disqus.com/embed.js?pname=wordpress&pver=2.66
Content-Type: text/html
Cache-Control: public, max-age=31536000
Date: Sun, 12 Mar 2023 07:50:20 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
www.adobe.com/images/shared/download_buttons/get_flash_player.gif
2.21.240.102 301 Moved Permanently 281 B URL HTTP/1.1 www.adobe.com/images/shared/download_buttons/get_flash_player.gif
IP 2.21.240.102:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 935917737ba4aee463df9c8417cad370
505ce924c13ca656309dad316a758ed2a06b4edb
1aac65ec116c162a9dee07b95cd17e710862cf246a021b501987ce6bbba3db59
GET /images/shared/download_buttons/get_flash_player.gif HTTP/1.1
Host: www.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Content-Length: 281
Server: Apache
Location: https://www.adobe.com/images/shared/download_buttons/get_flash_player.gif
Cache-Control: max-age=759
Expires: Sun, 12 Mar 2023 08:02:59 GMT
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=12, ak_p; desc="466279_34992226_76841738_247_3501_7_-";dur=1
Set-Cookie: ak_bmsc=D59A2549E8982CA51ECB650D97B44E0A~000000000000000000000000000000~YAAQYvAVAq+wecmGAQAAwI3M1BPTZR4Ff3EmD2yiD1TuJGyQNjszLruRQCJ3wN+fqVGZiOaN61LBKDzqO4FU7CAgjdSIoaakIoBYc2DMAWyzcSyDK9IjDu5Wr3ydPD+GQOAY+EBAtSoz+Be3H3AaLfpgqD5JA09PPNPnjU5h86QrEJFu59wE2U3VB5spkxgRefAlWbBs+oFp3UBE54OSPUKf3j6C7N1Wjcd5N69Kp1utWQvmW3hfhfI+HJtSYCUOPQxmEDj3fmI3erYd1D5zXZNTUSHGFBBVUxz3ldRsuPT6vdcFVMcuGXi0ugjYXD6dOvzxXg==; Domain=.adobe.com; Path=/; Expires=Sun, 12 Mar 2023 09:50:20 GMT; Max-Age=7200; HttpOnly
www.google-analytics.com/ga.js
142.250.74.78 200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 12 Mar 2023 06:13:07 GMT
Expires: Sun, 12 Mar 2023 08:13:07 GMT
Cache-Control: public, max-age=7200
Age: 5833
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
connect.facebook.net/en_US/sdk.js
31.13.72.12 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 12 Mar 2023 07:50:20 GMT
Connection: keep-alive
Content-Length: 0
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=335266199&utmhn=talansbs.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&utmhid=593862405&utmr=-&utmp=%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&utmht=1678607422126&utmac=UA-23803495-1&utmcc=__utma%3D69761045.2041725107.1678607296.1678607296.1678607296.1%3B%2B__utmz%3D69761045.1678607296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.78 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=335266199&utmhn=talansbs.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&utmhid=593862405&utmr=-&utmp=%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&utmht=1678607422126&utmac=UA-23803495-1&utmcc=__utma%3D69761045.2041725107.1678607296.1678607296.1678607296.1%3B%2B__utmz%3D69761045.1678607296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.78:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=335266199&utmhn=talansbs.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&utmhid=593862405&utmr=-&utmp=%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&utmht=1678607422126&utmac=UA-23803495-1&utmcc=__utma%3D69761045.2041725107.1678607296.1678607296.1678607296.1%3B%2B__utmz%3D69761045.1678607296.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 12 Mar 2023 02:36:32 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 18828
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
cdn.viglink.com/api/vglnk.js
18.155.145.83 200 OK 58 kB URL HTTP/1.1 cdn.viglink.com/api/vglnk.js
IP 18.155.145.83:0
Hash b0af770523a24e3908c6e3821646a5a3
bc4891a0504a9165193c0162638e5a5a1fa4719b
85e6048d7dbfa4df68a2bf6965f8f58da5575e439fe6a8a1ded667a429037c31
GET /api/vglnk.js HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 28829
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 13:36:11 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 07 Mar 2023 13:37:03 GMT
Cache-Control: public, max-age=604800
ETag: "18a10f22bd971df457201f5dcd81eef1"
X-Cache: Hit from cloudfront
Via: 1.1 71b26382155ee54bc1b92cacc095ce82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-P1
X-Amz-Cf-Id: Z_SlYNX9M6dZCFGZlP4Pk6ZDHihdb0lX4jUyv0q1NdKs15bfhuMmVg==
Age: 411197
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash c933394484e67836e54c5daed83710a6
8c750a6c00d8bc6536b0fd21eb3b2df7c1f024ab
e2fdd3ce2ce0d896a75e8cd4a702bcb40aafbd325f2e255a44af626322f9a577
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 34b14cdd0625e67c346e5a77d7bcbf16
etag: "a0345c7e9dffab901926ec965175fa23"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 12 Mar 2023 08:05:49 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: yTM5RITmeDblTF2u2DcQpg==
x-fb-debug: vp9agp2OywKXSFxXM9pP6/sSxwgGp6IQwyTNivQgV1hpvL/7UfibfHS3qrnUy+9YlpjM6Vvo+VnQ2owte/zNdA==
content-length: 1686
x-fb-trip-id: 1904183273
date: Sun, 12 Mar 2023 07:50:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.adobe.com/images/shared/download_buttons/get_flash_player.gif
2.21.240.102 200 OK 1.7 kB URL HTTP/2 www.adobe.com/images/shared/download_buttons/get_flash_player.gif
IP 2.21.240.102:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 112 x 33\012- data
Hash feb21ee4b711858c4e3485f844cc9772
1678ec04014ec245f6daf72589f24bc55c42cbe1
b26af9f56cff4a8ea0a3c06eaa442962ac51317bec73931122df1d9c95f6388b
GET /images/shared/download_buttons/get_flash_player.gif HTTP/1.1
Host: www.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 29 Nov 2016 07:30:56 GMT
content-type: image/gif
content-length: 1720
server: Apache
strict-transport-security: max-age=86400
accept-ranges: bytes
x-adobe-loc: ew1
x-adobe-source: 128.101
x-content-type-options: nosniff
cache-control: max-age=661
expires: Sun, 12 Mar 2023 08:01:21 GMT
date: Sun, 12 Mar 2023 07:50:20 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466279_34992226_76841770_25_4015_14_0";dur=1
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=ff54b689e7a52b7c7cbb502442311ad353813e81
104.244.42.72 200 OK 284 B URL HTTP/2 syndication.twitter.com/settings?session_id=ff54b689e7a52b7c7cbb502442311ad353813e81
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (663), with no line terminators
Hash 8792f18dcb406af2be326e0dd816eed7
d1ad89d9036b3985071b394706514862f7c687ce
19640da1d34fa31a031d58d27be6408f6703dddc3c4495f72d55a60f518b7cba
GET /settings?session_id=ff54b689e7a52b7c7cbb502442311ad353813e81 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:20 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 12 Mar 2023 07:50:20 GMT
content-length: 284
content-encoding: gzip
x-transaction-id: aa4fd57a406f15a5
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 112
x-connection-hash: 8d4378a26baecc5503e0a4b57644d6cfb094fc859ee1b20c6a7de2989fcef505
X-Firefox-Spdy: h2
1.gravatar.com/avatar/56e22888e73df23b32b2d3799852af0e?s=60&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D60&r=G
192.0.73.2 302 Found 0 B URL HTTP/1.1 1.gravatar.com/avatar/56e22888e73df23b32b2d3799852af0e?s=60&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D60&r=G
IP 192.0.73.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /avatar/56e22888e73df23b32b2d3799852af0e?s=60&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D60&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 12 Mar 2023 07:50:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <https://www.gravatar.com/avatar/56e22888e73df23b32b2d3799852af0e?s=60&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D60&r=G>; rel="canonical"
Location: http://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=60
Expires: Sun, 12 Mar 2023 07:55:20 GMT
Cache-Control: max-age=300
X-nc: MISS arn 2
talansbs.com/wp-content/uploads/2011/03/favicon.ico
23.229.220.229 200 OK 1.2 kB URL HTTP/1.1 talansbs.com/wp-content/uploads/2011/03/favicon.ico
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash fc4ae376bcc0378c8cbbe4af96e283ab
ea349ef73ae3158980ac6dc33c0f5615be70c21c
9a68aa421187be85c2400ceb3341bbefc802fb17275605731163a3265c58b4b3
GET /wp-content/uploads/2011/03/favicon.ico HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:20 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:57 GMT
ETag: "730851e-47e-5ce43152db140"
Accept-Ranges: bytes
Content-Length: 1150
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/x-icon
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=60
192.0.73.2 200 OK 932 B URL HTTP/1.1 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=60
IP 192.0.73.2:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 2db00bcc96a2b9291915bd94684d7d8b
b795d7a56a2d412b990d21ef45285d9ab58f425c
7ae66d7754b648f2c19263ca51f03a5cf10e37f8b98ef44bcce7c06bcb212c5b
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=60 HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://talansbs.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 07:50:21 GMT
Content-Type: image/png
Content-Length: 932
Connection: keep-alive
Last-Modified: Sat, 01 Mar 2008 02:44:06 GMT
Link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=60>; rel="canonical"
Content-Disposition: inline; filename="ad516503a11cd5ca435acc9bb6523536.png"
Access-Control-Allow-Origin: *
Expires: Sun, 12 Mar 2023 07:55:21 GMT
Cache-Control: max-age=300
X-nc: HIT arn 2
Accept-Ranges: bytes
talansbs.disqus.com/embed.js?pname=wordpress&pver=2.66
199.232.196.134 200 OK 26 kB URL HTTP/1.1 talansbs.disqus.com/embed.js?pname=wordpress&pver=2.66
IP 199.232.196.134:0
File type ASCII text, with very long lines (32006)
Hash 422c97d78598a0a3b21f3334b906484f
f40619766162b9611391f13acc73c154517d63c3
4c651006a219d21eebb37fbc613c0e9931e8769dcd5139a5a6203b6bc0c63a14
GET /embed.js?pname=wordpress&pver=2.66 HTTP/1.1
Host: talansbs.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25635
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Sun, 12 Mar 2023 07:50:21 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash c11248ad196c57fdf878000b4591a416
f86236c890bcceaf313e5021bf8ef6669688ea77
550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js
216.58.207.195 200 OK 10 kB URL HTTP/2 ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js
IP 216.58.207.195:0
File type ASCII text, with very long lines (2708)
Hash ef4abe80a6ebec095bcff46a62e56a60
fe9b4dc7d21298af3ca9041efa2d0fb60369e7ce
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
GET /accounts/o/611095756-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 10487
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Mar 2023 21:30:05 GMT
expires: Sat, 09 Mar 2024 21:30:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 10 Mar 2023 07:10:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 123616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
93.184.220.66 200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7891), with no line terminators
Hash 50af2557985d9ae5ef0bb111a4066237
b164d515f502d950df3ba208cc32bbe74e70d3d2
a3b6dbbc4e57c65eb23f84b312095c86a69ff47fc57fc745f464394158bda9af
GET /js/button.e7f9415a2e000feaab02c86dd5802747.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4010825
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sun, 12 Mar 2023 07:50:21 GMT
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FC)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2618
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash c11248ad196c57fdf878000b4591a416
f86236c890bcceaf313e5021bf8ef6669688ea77
550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
93.184.220.66 200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32037)
Hash 59524bd7f5584433bb77a21f1431db47
5be6f11aa7a378e597235668f5ec6819e9722c9a
80c4c77841bb8b9c561fb0ed2816c1e32288fda1178130d920b6830f287a9fea
GET /widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4010818
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 07:50:21 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FC)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13592
platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
93.184.220.66 200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32037)
Hash 59524bd7f5584433bb77a21f1431db47
5be6f11aa7a378e597235668f5ec6819e9722c9a
80c4c77841bb8b9c561fb0ed2816c1e32288fda1178130d920b6830f287a9fea
GET /widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4010821
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 07:50:21 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13592
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1678607422430%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ff54b689e7a52b7c7cbb502442311ad353813e81
104.244.42.72 200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1678607422430%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ff54b689e7a52b7c7cbb502442311ad353813e81
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1678607422430%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ff54b689e7a52b7c7cbb502442311ad353813e81 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:21 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 12 Mar 2023 07:50:21 GMT
content-length: 43
x-transaction-id: 121048a5fdfcb480
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: 8d4378a26baecc5503e0a4b57644d6cfb094fc859ee1b20c6a7de2989fcef505
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1678607422431%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ff54b689e7a52b7c7cbb502442311ad353813e81
104.244.42.72 200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1678607422431%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ff54b689e7a52b7c7cbb502442311ad353813e81
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1678607422431%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ff54b689e7a52b7c7cbb502442311ad353813e81 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:20 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 12 Mar 2023 07:50:21 GMT
content-length: 43
x-transaction-id: b50d3576fa0c81fe
strict-transport-security: max-age=631138519
x-response-time: 112
x-connection-hash: 8d4378a26baecc5503e0a4b57644d6cfb094fc859ee1b20c6a7de2989fcef505
X-Firefox-Spdy: h2
disqus.com/embed/comments/?base=default&f=talansbs&t_i=92%20http%3A%2F%2Ftalansbs.com%2F%3Fp%3D92&t_u=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&t_e=Is%20Overfunding%20Holding%20You%20Back&t_d=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&t_t=Is%20Overfunding%20Holding%20You%20Back&s_o=default
151.101.128.134 200 OK 2.7 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=talansbs&t_i=92%20http%3A%2F%2Ftalansbs.com%2F%3Fp%3D92&t_u=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&t_e=Is%20Overfunding%20Holding%20You%20Back&t_d=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&t_t=Is%20Overfunding%20Holding%20You%20Back&s_o=default
IP 151.101.128.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2840)
Hash 5a0428ac6c287b3fe65a2cafc4ecefed
bd6d26dbee90eb6d5418fc4ec357301cf4e63efa
0867f8a625e2435516a5c10d796e22226107157944fb17cbd0c853257afd3c8f
GET /embed/comments/?base=default&f=talansbs&t_i=92%20http%3A%2F%2Ftalansbs.com%2F%3Fp%3D92&t_u=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&t_e=Is%20Overfunding%20Holding%20You%20Back&t_d=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&t_t=Is%20Overfunding%20Holding%20You%20Back&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2709
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 04 Nov 2022 15:21:40 GMT
ETag: W/"lounge:view:274977158.88753e381cbdcf9c73a1157636b054b4.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 12 Mar 2023 07:50:21 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/lounge.load.94f22ba62af084852428f342c37a2a17.js
143.204.55.72 200 OK 496 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.94f22ba62af084852428f342c37a2a17.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (958), with no line terminators
Hash 7f2d0fca9ed6b9bbbb6bf359f1402360
53e2be5c5dd7399a0650c543f32f2366fed8bd0f
ffdba86ea9261bcdb38983056f2baa71b5b5ad2016b0afa89b8a470d4395eae1
GET /next/embed/lounge.load.94f22ba62af084852428f342c37a2a17.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 496
date: Thu, 23 Feb 2023 19:13:47 GMT
server: nginx
last-modified: Thu, 23 Feb 2023 18:52:58 GMT
etag: "63f7b60a-1f0"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 23 Feb 2024 19:13:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WSRXb94uxM13y5xXkLWSIjfqaL_gF0lEh3RlIw8-GFWdte-YY1adcA==
age: 1427793
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
143.204.55.72 200 OK 94 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (32023)
Hash bf4a0b5b88f74f7ef0476bf5f18d26b6
7f5b902779d8379c2790a6d07c49c7c25d30f1d5
05ff45a6562c6c33d76dd0c58498dcf5dba43d6e2240b94b05091d3e47c2d635
GET /next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94186
date: Wed, 18 Jan 2023 17:45:34 GMT
server: nginx
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
etag: "63c82f23-16fea"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 17:45:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t8UJsZi05cqZj1gP4HqmDeHOPEv73211C3QuHS2QtFctVJ8Zj03c9w==
age: 4543486
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
143.204.55.72 200 OK 48 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
IP 143.204.55.72:0
Hash 28e01d1d2b26aa54b62b166a4c6dc33b
3cee663bb2268f309b94358b2cd0c5ea8ad2fd43
f85e3538e3d161dff6fbc0cc681b5f10c211e0d056872e951a32d642797007e3
GET /next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 33270
date: Wed, 15 Feb 2023 19:09:53 GMT
server: nginx
last-modified: Wed, 15 Feb 2023 18:40:44 GMT
etag: "63ed272c-81f6"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 15 Feb 2024 19:09:53 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W2411aoBrUlAoxSm-5ZwzO7flrBTK4inWwhEjLFFOKKtdUttdavKhg==
age: 2119228
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js
143.204.55.72 200 OK 130 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (32018)
Size 130 kB (129739 bytes)
Hash 3d77971e869a0324d344d0977bcb5d89
0fccc448477f353e16a77b3c75e544936797156f
5929ac6b285678bfece5402dab180695c9841bc0cc37e079fe4fc2b310498da2
GET /next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 129739
date: Thu, 23 Feb 2023 19:13:47 GMT
server: nginx
last-modified: Thu, 23 Feb 2023 18:52:58 GMT
etag: "63f7b60a-1facb"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 23 Feb 2024 19:13:47 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XhZdS11a_tbKhbLUOsdvgDKd2y6dcegMlw5jJyJzKuVtiXrsNvRD_g==
age: 1427794
X-Firefox-Spdy: h2
disqus.com/next/config.js
151.101.128.134 200 OK 17 kB URL HTTP/1.1 disqus.com/next/config.js
IP 151.101.128.134:0
File type ASCII text, with very long lines (17150), with no line terminators
Hash baf62380b286c2c6a3da2a593a715672
a28b9ff98bfe9c5f471043d8ce254c17b3b548a8
b2c03debf23bfea7a6f71bad2142bd51370fbb38b704842d809b966bec5cec5b
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=talansbs&t_i=92%20http%3A%2F%2Ftalansbs.com%2F%3Fp%3D92&t_u=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&t_e=Is%20Overfunding%20Holding%20You%20Back&t_d=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&t_t=Is%20Overfunding%20Holding%20You%20Back&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17150
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 12 Mar 2023 07:50:21 GMT
Age: 30
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
143.204.55.72 200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP 143.204.55.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Sun, 15 Jan 2023 02:16:14 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 15 Jan 2024 02:16:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: riq9sQ3MrYsAvd6T0wbqhYrz6--Itnj4H5fHK7w3TvZD57Ta0m88ug==
age: 4858448
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 3c5612c5131d59819b60bcd3123fbe1e
86f82bfa3a20987ac256d2efd06dc95c0df285e8
00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 12 Mar 2023 07:50:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
143.204.55.72 200 OK 840 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
IP 143.204.55.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (736)
Hash 727e30eb9b6c1e85cb010b9c8eb04c7e
5b7ed3f88c4d25d1d9e15bbd15af68daf5c573b4
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
GET /next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 840
date: Wed, 25 Jan 2023 03:23:40 GMT
server: nginx
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
etag: "63cb0f8f-348"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 03:23:40 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XkCg5dFHzT6r7A-XAyvowZCpGTcVlZ-cYSJdp9a3JE0cou6kBfyyIQ==
age: 3990402
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
143.204.55.72 200 OK 891 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
IP 143.204.55.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (787)
Hash 8c96be6b50de1c3fab838c5f050e0be5
d0eb4a80710c083c77020cc3b6cd6756cf0bca60
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
GET /next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 891
date: Sat, 28 Jan 2023 10:59:15 GMT
server: nginx
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
etag: "63cb0f8f-37b"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 10:59:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4AzOIir9jNtMJaG1p1YHD25LMLHHso5Fqk7wfZ8zmViu1aMN4HXLlQ==
age: 3703867
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
143.204.55.72 200 OK 961 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
IP 143.204.55.72:0
File type gzip compressed data, max compression\012- data
Hash 8677c9b09627f9098a98a4cd7fb8fe56
09101257f96486317e92461c3e182b70da4d3933
4cdb109eb6a6bfa8b7c6c21a2ebda87a665dd526bdd40f7e8c218de9f2794a0d
GET /next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 605
date: Tue, 17 Jan 2023 07:05:35 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-25d"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 17 Jan 2024 07:05:35 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oAnz6aXZfWrUVAPhK6LiZZyf_4Qgy9TnuKDYjiPuPgKtel8psZwfCg==
age: 4668287
X-Firefox-Spdy: h2
stats.wordpress.com/e-202310.js
192.0.78.26 200 OK 4.8 kB URL HTTP/2 stats.wordpress.com/e-202310.js
IP 192.0.78.26:0
File type ASCII text, with very long lines (2690)
Hash 52405f2f75df2498540cd9e2b370dcc1
16905b70182560849aedddb132127ac5b5c132b0
ba8931e9328c0829ff1479e24663a2be2f9f4382ce4d42ea2bbe514ba48f4486
GET /e-202310.js HTTP/1.1
Host: stats.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 07:50:19 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
expires: Mon, 11 Mar 2024 07:50:19 GMT
cache-control: max-age=31536000
content-encoding: br
x-ac: 3.arn _dca MISS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
143.204.55.72 200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP 143.204.55.72:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Wed, 18 Jan 2023 06:17:27 GMT
server: nginx
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
etag: "63c080c9-1edc"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 06:17:27 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5uVCXCBVcrjz2sDvh8M-oPqIE0ygOY1UW7YoRhO1SQGWcc-q_lMsQ==
age: 4584775
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=talansbs&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
151.101.128.134 200 OK 3.0 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=talansbs&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP 151.101.128.134:0
File type JSON data\012- , ASCII text, with very long lines (3038), with no line terminators
Hash 093d8a5bc121ec76d02aa6bc0a95852c
86f5bf6feab597b217b37d5d597a65c349170080
d255958b7cf65da14db5ae5dd1c7d63f7932c669a0f69c6b1d862134b8bd476b
GET /api/3.0/forums/details?forum=talansbs&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=talansbs&t_i=92%20http%3A%2F%2Ftalansbs.com%2F%3Fp%3D92&t_u=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&t_e=Is%20Overfunding%20Holding%20You%20Back&t_d=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&t_t=Is%20Overfunding%20Holding%20You%20Back&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3038
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 12 Mar 2023 07:50:22 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=352&event=init_embed&thread=274977158&forum=talansbs&forum_id=723630&imp=7vi36jf322srcq&thread_slug=is_overfunding_holding_you_back_talan_sbs&user_type=anon&referrer=http%3A%2F%2Ftalansbs.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
199.232.196.134 200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=352&event=init_embed&thread=274977158&forum=talansbs&forum_id=723630&imp=7vi36jf322srcq&thread_slug=is_overfunding_holding_you_back_talan_sbs&user_type=anon&referrer=http%3A%2F%2Ftalansbs.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
IP 199.232.196.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=352&event=init_embed&thread=274977158&forum=talansbs&forum_id=723630&imp=7vi36jf322srcq&thread_slug=is_overfunding_holding_you_back_talan_sbs&user_type=anon&referrer=http%3A%2F%2Ftalansbs.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=talansbs&t_i=92%20http%3A%2F%2Ftalansbs.com%2F%3Fp%3D92&t_u=http%3A%2F%2Ftalansbs.com%2Fsmall-business%2Fis-overfunding-holding-you-back%2F&t_e=Is%20Overfunding%20Holding%20You%20Back&t_d=Is%20Overfunding%20Holding%20You%20Back%20%7C%20Talan%20SBS&t_t=Is%20Overfunding%20Holding%20You%20Back&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Sun, 12 Mar 2023 07:50:22 GMT
Cross-Origin-Resource-Policy: cross-origin
talansbs.com/small-business/is-overfunding-holding-you-back/?cf_action=sync_comments&post_id=92
23.229.220.229 200 OK 37 B URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/?cf_action=sync_comments&post_id=92
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash 4d6e96cca45089cbf8cee6628831eca1
345ec56d8b648374b12f2d36b2b9041b7400e2c9
e89ec2b2cccb346ec4bc303eda6a08c5f23223db2a893b4bb0db2ef31d1b4d18
GET /small-business/is-overfunding-holding-you-back/?cf_action=sync_comments&post_id=92 HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.2.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmc=69761045
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:22 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 37
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
talansbs.com/wp-content/plugins/greybox-integrator/greybox/w_close.gif
23.229.220.229 200 OK 74 B URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/w_close.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 11 x 11\012- data
Hash 910dd85634d6c0c6b3bd9a081ca4b09b
9ea94f1d7c68b7317f7c8a4f7881d58bfa1bbdce
7a2730e63aee037949864ea19477701b096c00310ba32e44e22f2124a9c72367
GET /wp-content/plugins/greybox-integrator/greybox/w_close.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.2.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmc=69761045
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:22 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "730683e-4a-5ce4314398d40"
Accept-Ranges: bytes
Content-Length: 74
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
talansbs.com/wp-content/plugins/greybox-integrator/greybox/header_bg.gif
23.229.220.229 200 OK 1.2 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/header_bg.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 223 x 35\012- data
Hash 11594865f8d093dfae37f12d20f281d6
9ca0a3a12899c3bd4afef823575e2691cc54cc02
6f1835a06585a3cf90a0b7e85f67607fddebb9a4e7f81f534257e61b904e26cf
GET /wp-content/plugins/greybox-integrator/greybox/header_bg.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.2.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmc=69761045
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:22 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306823-4a4-5ce4314398d40"
Accept-Ranges: bytes
Content-Length: 1188
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
talansbs.com/wp-content/plugins/greybox-integrator/greybox/g_close.gif
23.229.220.229 200 OK 541 B URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/g_close.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 25 x 30\012- data
Hash ae7187edec916ea7b4aa2f77dff1b091
016aafa05c05c382cb6f87989bd4d8261141bf2a
3e7f0e56964b201b30b49fb975290614ac8b9ed8ec7b4849b519a33f0c847aa5
GET /wp-content/plugins/greybox-integrator/greybox/g_close.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.2.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmc=69761045
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:22 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306812-21d-5ce4314398d40"
Accept-Ranges: bytes
Content-Length: 541
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
talansbs.com/wp-content/plugins/greybox-integrator/greybox/indicator.gif
23.229.220.229 200 OK 8.2 kB URL HTTP/1.1 talansbs.com/wp-content/plugins/greybox-integrator/greybox/indicator.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
File type GIF image data, version 89a, 100 x 100\012- data
Hash f64b6f735c03431a65c7b211f55f5522
4d9a0c9e8d7aa20d6e6e3ea7881a41503028a7da
325c9abd3a010d95544f93d94a8ae5b9fae2a70affb4bfa260dd161cbf2e295b
GET /wp-content/plugins/greybox-integrator/greybox/indicator.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.2.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmc=69761045
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 07:50:22 GMT
Server: Apache
Last-Modified: Wed, 13 Oct 2021 21:59:41 GMT
ETag: "7306827-202e-5ce4314398d40"
Accept-Ranges: bytes
Content-Length: 8238
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
ocsp.r2m01.amazontrust.com/
143.204.48.16 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash 595273c27981175204968166c4f34aca
e477e89e6302d11a494aacb93fb6a3bf2871b464
190b16059a538071c5709cb248f578985c0c446c37b9efc5b6849694ffb0c58a
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Mar 2023 07:50:23 GMT
Last-Modified: Sun, 12 Mar 2023 06:24:17 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KLjqosC-99PTfvBRYyai42X0KUurJk3VA2F1nbwpM266ZB8EUQ4N8w==
Age: 5166
api.viglink.com/api/ping
52.16.116.101 200 OK 221 B IP 52.16.116.101:0
File type ASCII text, with no line terminators
Hash 7058c0185d835336607fead73f5e93a7
236b1aca28f1a20f2371a862455c30c51299c6a9
dba24f81a0e6a45b8b84a32b6f2f197dec35029b0a2d48e2374af94d88913de9
POST /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 171
Origin: http://talansbs.com
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://talansbs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 12 Mar 2023 07:50:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 221
Connection: keep-alive
api.viglink.com/api/sync.js?key=034153a8f6f990b64f375d12e1cc4572
52.16.116.101 200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.js?key=034153a8f6f990b64f375d12e1cc4572
IP 52.16.116.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.js?key=034153a8f6f990b64f375d12e1cc4572 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 12 Mar 2023 07:50:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
api.viglink.com/api/domains
52.16.116.101 200 OK 41 B URL HTTP/1.1 api.viglink.com/api/domains
IP 52.16.116.101:0
File type ASCII text, with no line terminators
Hash 6abc88dabb02c003ded1773dbcb42abc
b7eaa1175b6247bf41520dea8bbe1ed810c86095
e9f91bd7e6549a4f899c31cd5525344a7c2c49ad8134e10e5199d69d3fd7bede
POST /api/domains HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 269
Origin: http://talansbs.com
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://talansbs.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Date: Sun, 12 Mar 2023 07:50:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive
api.viglink.com/api/sync.gif?key=034153a8f6f990b64f375d12e1cc4572
52.16.116.101 200 OK 43 B URL HTTP/1.1 api.viglink.com/api/sync.gif?key=034153a8f6f990b64f375d12e1cc4572
IP 52.16.116.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=034153a8f6f990b64f375d12e1cc4572 HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Date: Sun, 12 Mar 2023 07:50:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive
www.stumbleupon.com/hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/
76.76.21.9 404 Not Found 0 B URL HTTP/2 www.stumbleupon.com/hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/
IP 76.76.21.9:0
GET /hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/ HTTP/1.1
Host: www.stumbleupon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
age: 134543
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 07:50:18 GMT
etag: W/"6a18c9a257500d9f5660d7a78d38d8ae"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::f2rbq-1678607418943-faff782ea69a
X-Firefox-Spdy: h2
twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
104.244.42.129 200 OK 0 B URL HTTP/2 twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
IP 104.244.42.129:0
GET /statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4 HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:19 GMT
perf: 7626143928
expiry: Tue, 31 Mar 1981 05:00:00 GMT
pragma: no-cache
server: tsa_o
set-cookie: guest_id=v1%3A167860741921744932; Max-Age=34214400; Expires=Thu, 11 Apr 2024 07:50:19 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
ct0=; Max-Age=-1678607418; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 12 Mar 2023 07:50:19 GMT
x-frame-options: DENY
x-transaction-id: c9637355f66df7f8
x-xss-protection: 0
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://aa.twitter.com https://caps.twitter.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://app.link https://api2.branch.io https://bnc.lt wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ https://iframe.arkoselabs.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com 
https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://app.link https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'nonce-Yzk3NTkyNzUtOTg1ZS00Mjg0LWFkNzgtNTAxMjNkZmRlYzll'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
strict-transport-security: max-age=631138519
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none
content-encoding: gzip
x-response-time: 136
x-connection-hash: 095a2aad8a6268d95c1ec0f2546e5263e4b8c6574981261491250ff55658660f
X-Firefox-Spdy: h2
talansbs.com/Additems/twittericon.png
23.229.220.229 404 Not Found 0 B URL HTTP/1.1 talansbs.com/Additems/twittericon.png
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
GET /Additems/twittericon.png HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://talansbs.com/
Connection: keep-alive
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_m1_3.gif
23.229.220.229 404 Not Found 0 B URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/TalanPopupMenu_m1_3.gif
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
GET /small-business/is-overfunding-holding-you-back/TalanPopupMenu_m1_3.gif HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
static.addtoany.com/menu/page.js?_=1678607420601
188.114.99.234 200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js?_=1678607420601
IP 188.114.99.234:0
GET /menu/page.js?_=1678607420601 HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:20 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 23627
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a6a721b2ca2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.stumbleupon.com/hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/
76.76.21.9 308 Permanent Redirect 0 B URL HTTP/1.0 www.stumbleupon.com/hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/
IP 76.76.21.9:0
GET /hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/ HTTP/1.1
Host: www.stumbleupon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/
HTTP/1.0 308 Permanent Redirect
Content-Type: text/plain
Location: https://www.stumbleupon.com/hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/
Refresh: 0;url=https://www.stumbleupon.com/hostedbadge.php?s=5&r=http://talansbs.com/small-business/is-overfunding-holding-you-back/
server: Vercel
talansbs.com/small-business/is-overfunding-holding-you-back/AddItems/flashbannerVer3.swf
23.229.220.229 404 Not Found 0 B URL HTTP/1.1 talansbs.com/small-business/is-overfunding-holding-you-back/AddItems/flashbannerVer3.swf
IP 23.229.220.229:0
ASN #398101 GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Malware
GET /small-business/is-overfunding-holding-you-back/AddItems/flashbannerVer3.swf HTTP/1.1
Host: talansbs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://talansbs.com/small-business/is-overfunding-holding-you-back/
Cookie: __utma=69761045.2041725107.1678607296.1678607296.1678607296.1; __utmb=69761045.1.10.1678607296; __utmz=69761045.1678607296.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Date: Sun, 12 Mar 2023 07:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Pingback: http://talansbs.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://talansbs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:20 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 24051668
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a6a721abc27b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
104.244.42.129 200 OK 0 B URL HTTP/2 twitter.com/statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4
IP 104.244.42.129:0
GET /statuses/user_timeline/talansbs.json?callback=twitterCallback2&count=4 HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://talansbs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 12 Mar 2023 07:50:20 GMT
perf: 7626143928
expiry: Tue, 31 Mar 1981 05:00:00 GMT
pragma: no-cache
server: tsa_o
set-cookie: guest_id=v1%3A167860742038009175; Max-Age=34214400; Expires=Thu, 11 Apr 2024 07:50:20 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
ct0=; Max-Age=-1678607419; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 12 Mar 2023 07:50:20 GMT
x-frame-options: DENY
x-transaction-id: cdada6cbd9101eba
x-xss-protection: 0
x-content-type-options: nosniff
content-security-policy: connect-src 'self' blob: https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api-stream.twitter.com https://ads-api.twitter.com https://aa.twitter.com https://caps.twitter.com https://pay.twitter.com https://sentry.io https://ton.twitter.com https://twitter.com https://upload.twitter.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://app.link https://api2.branch.io https://bnc.lt wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://mobile.twitter.com https://pay.twitter.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ https://iframe.arkoselabs.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://ton.twitter.com https://*.twimg.com https://analytics.twitter.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com 
https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://app.link https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'nonce-ZmIzMzI1ZTctZjljYi00NWE2LWE1NWItMTYzYjUzMDJhODQ1'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
strict-transport-security: max-age=631138519
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none
content-encoding: gzip
x-response-time: 140
x-connection-hash: 095a2aad8a6268d95c1ec0f2546e5263e4b8c6574981261491250ff55658660f
X-Firefox-Spdy: h2