Report - w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13

Report Overview

Submitted URL
w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13
IP
34.204.222.45
ASN
#14618 AMAZON-AES
Submitted
2022-09-21 10:10:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	25 kB	13.107.227.53
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	795 B	204.79.197.200
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	20 kB	142.250.74.174
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	16 kB	142.250.74.164
leads.go-afs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	842 B	104.17.208.37
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	13 kB	142.250.74.3
w1.mssxhb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	433 B	3.223.208.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.228.207.167
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	62 kB	104.17.24.14
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	717 B	88 kB	142.250.74.72
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	2.1 kB	142.250.74.3
goafs.kartra.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	572 B	432 B	104.17.208.37
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	68 kB	34.120.237.76
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	393 B	104.18.47.230
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	809 B	1.2 kB	20.234.93.27
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	864 B	20.75.32.255
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	637 B	557 B	216.239.32.36
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	872 B	104.18.10.207
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
go-afs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	5.4 MB	104.19.191.28
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	46 kB	142.250.74.163
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	142.251.1.155
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	772 B	1.5 kB	216.58.211.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-25
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 104.18.47.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 06:01:23 Times Seen1634 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	go-afs.com/	497 B	2023-03-07	2023-03-07
Pretty URL go-afs.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:37:24 Times Seen1 Hash a465ee0b99b48096da66200200a031ef 76aba550f1095d04ddd4abbbbf3335e60045e24c faa98730205164d520271966f698c03f4de76f815c203f66fd7a58ccb53570b5 Loading...

	www.googletagmanager.com/gtag/js?id=UA-128791235-2&l=dataLayer&cx=c	109 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128791235-2&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:29:36 Times Seen1 Hash 9304e6d1d6ad7ae064ca879d64af1866 57ce6e3806bb454a30347fead2c15e03010b9e3e d8ad8f108fed9a5f85fba8d9f1671acca20289dc27f5b07170a9d464f697ab93 Loading...

	go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580	22 kB	2023-03-07	2023-03-07
Pretty URL go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:37:24 Times Seen1 Hash b4feacd1b5afdaa8a8b06fec994920a4 f41f0a130e4dbd31215f4a2243bfb2bb3847e1b1 5f399c7dc40af951827bacd97b643aaa834c15e3bf188120eb19d283ed44a4d3 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 11:11:35 Times Seen118690 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2	1.8 kB	2023-03-07	2023-03-07
Pretty URL www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:29:36 Times Seen1 Hash 2a791714dce3bec17edd916d55988200 4701b6be388997b5c8a398cb67a8534601201f5a a1bb05001c69512f58757280c0ecf30a64a7789e831eca060ffe7782583d7eb2 Loading...

	www.clarity.ms/eus2/s/0.6.40/clarity.js	55 kB	2023-03-07	2023-08-11
Pretty URL www.clarity.ms/eus2/s/0.6.40/clarity.js IP 13.107.227.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2023-08-11 03:38:39 Times Seen27 Hash c238c096f4ff077be41b8296711e8641 a50be06611656993022a860865c30f85e8ff7832 bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260 Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:28:40 Last Seen2023-03-17 12:55:48 Times Seen1 Hash cedb242a337140e0dedb365b50a20508 cf2420a336b9405dfc7d236ec57873fe3ef0f726 5a39699f592d82029c73d15d80e407d51367dd5cf2d49172c9ad4aa8176ce67b Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 11:11:36 Times Seen54589 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js	11 kB	2023-03-07	2023-10-25
Pretty URL go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-10-25 18:51:45 Times Seen20 Hash 473c4fa8954f1669162026586df60fc3 c49c539aae5165c1f7a31e10372ef35f0b39739b 621f2b69df9da0134162e2d9214228b2eeca2e72c268cdf2abe8e0a9547eb86d Loading...

	go-afs.com/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js	3.2 kB	2023-03-07	2024-01-26
Pretty URL go-afs.com/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2024-01-26 10:39:37 Times Seen23 Hash fee8ce04d8ed22b80dfe66669eb5c26c d00223ca2e22b8b3b8089cfe47a94190dc47c128 df478bf09bd155ec0b9dbb7c2a84a90b204b2723191506485d75e960c192381e Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:16:27 Times Seen37061888 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	go-afs.com/	281 B	2023-03-07	2023-03-10
Pretty URL go-afs.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:28 Last Seen2023-03-10 10:20:51 Times Seen1 Hash 2734adbb42dd407606732c98d9db8e3a 0a3c0241e95bcfd3b6563bf26847d958cbf3ef05 000e50cc5fb2c2148758ea7dbf0d415dd2449a1c997411809b86ed457cd1e77a Loading...

	www.googletagmanager.com/gtag/js?id=AW-444627646&l=dataLayer&cx=c	118 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-444627646&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:29:36 Times Seen1 Hash 622f248ce29ca34fb514c345b5634bf8 82a9a60e0dc9c09af7b9970d5c3ad22497d5423f a587ea374210b72b69a19a6d85b160d3f79ea4bc33e2d76aa0f0ca8f59b9981f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/444627646/?random=1663755038882&cv=9&fst=1663755038882&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=1633729557.1663755038&hn=www.google.com&async=1&rfmt=3&fmt=4	2.3 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/444627646/?random=1663755038882&cv=9&fst=1663755038882&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=1633729557.1663755038&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:29:36 Times Seen1 Hash 5ed89d6b9623deea7a88330f3fa6e818 0eb4354bcf2fc1febc68ff1259d7d07bcdc67c5c 086cab9d03c9b8bcadf5258980735aef531d86f4da5ca44a4e266a1392156717 Loading...

	go-afs.com/	226 B	2023-03-07	2023-03-07
Pretty URL go-afs.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 9db90a6d55b84e36d4d76747d4b7ee44 552264ababe6b14ba73b978fd862901a73f6a2f8 2acd88f3c6ffb08493def8ddd3f10ceccfd456f5b36e2d90a27879697baed6cc Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH	133 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:29:36 Times Seen1 Hash dc5521d25a8bc8ec0af22ba8c118c303 4c591ecc8581eadde168bd9fb2c44e4383f39db7 a3a5fb67e8ea9a78f0f91fc82370b05395ac52669a4e855356955d2038b962d3 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

HTTP Transactions (85)

URL IP Response Size

w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13

3.223.208.36

302 Found

176 B

URL HTTP/1.1
w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13
IP
3.223.208.36:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
0c5f1023dd70a00102fecb30dcd33dfe
8031bf1b6403eb3222d4c2958c3fd26a7345a83f
d517c6ba9b71ad5d81949164ed3f62e973da0858a37c36747e19d7242f0f8e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13 HTTP/1.1
Host: w1.mssxhb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 10:10:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 176
Connection: keep-alive
X-Powered-By: Express
Location: https://leads.go-afs.com?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13
Vary: Accept

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10296
Expires: Wed, 21 Sep 2022 13:02:11 GMT
Date: Wed, 21 Sep 2022 10:10:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xrNvnWLd0-kPOLnSp3LZBY0WC_iUfXXMnLk5PVWLUS_zod10cH_-cA==
Age: 3372

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gntkHgeSOt3VVzxo5EMigKAtuaxbCsr2DkirnGHL37V6BhoP98vEWg==
age: 20122
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:10:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 10:03:22 GMT
Expires: Wed, 21 Sep 2022 10:46:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ER8Qe0pXO5GBaumoP0PTWJbtKYfwj5I6zjnwPnUV8AgzveB99jqQJQ==
Age: 434

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:36 GMT
Last-Modified: Wed, 21 Sep 2022 09:37:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.228.207.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.207.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x0B/noDaE7CtPR3oemIeGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GG3LFTVDQnXetyGvORX7NE6NI3g=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a79e3fb6006915f9224684bbf94e54f6
8634c28b2be5a6ee744fa4627853f5fc9a8547f8
500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Last-Modified: Wed, 21 Sep 2022 08:52:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

104.17.24.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
16 kB (16149 bytes)
Hash
875b3995d53e3efea3a5ed7361c379b7
f26a84d323fd0360bb187f14060dd63428001ae6
016fe2dcd08d54bdeacf2ad22011d1be4ff4af36b10d09877493b54bd96924ff

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css; charset=utf-8
content-length: 16149
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1d970"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2982671
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4Em19C5SLLepztJaBjIELKc1SR8fhrEDWO0JlOF5dq3E8pIZVk3n6f7YeMXTY1ZrKP1YWbNmhHOMrriZkvysQ8OIAIsd%2FfPBcazrhCRCLME%2FrgSQcexfMq4RBkoR8yfBFQmBD7m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e203199ebdb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css

104.17.24.14

200 OK

2.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (23192)
Size
2.2 kB (2209 bytes)
Hash
d1477fb3750ad4227cfa772eb8f59422
c91fe036833895dd86d86bd32ae665a0a606b57b
fa7d1f55a4e0d4a7c1837b0366a5a020493e2a29f610731f03314cd3fd4e6a3f

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css; charset=utf-8
content-length: 2209
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-5b71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9032676
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRubF7ZFcLCdFc7VdBzGmbiiKM0Cy5KJPxgwI3KZrJ4hnD4drNOEUhNgP%2BA14VDB8o%2BnS8nr7xxCNu0iBmNpoH7B7zdpyfzRFmE0WDaSfGrVvp2cRBwvoIt0Px0W632NSTZxcWZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e20319bedeb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

104.17.24.14

200 OK

8.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32033)
Size
8.7 kB (8722 bytes)
Hash
76414c3526ac371cfa2bc8bfb3c12d55
656685d9714d0e3e1ba3f0031e3b573029f9cfbc
0740f3cbd3996283f7a1883aec212ea3d1f611f77e42763ca606e634fd74c19e

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 8722
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-90b5"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6095509
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW%2FEdWuAMs4IsVYNnPyggyEH2SHbgG%2BqWK0HQK3QrGFktkd7%2FUJ35A3wiKxr4OiTR3lDlW9QKq4TZXLXAd23qCZW7JJyI%2FWTy51d3rGCYbKw97IBwwMWxRCN77WYY9qU10fEP1W8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e20319df04b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.24.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1099191
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noL1b1qFtdA%2B7VDLpeAKPputF1hpRjx%2Bt%2F%2FBk7FC4nKg30VROW%2F0s1BILlG7330QwFC8bmKTGstDXiuDpoNn0wtizjUCmEjjtIgHjbIyoiuM8ovYMthp5fBesqavP3q8w%2BYZ4KPy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e20319ef15b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/w0tb3wi3/viewsolutions_button.png

104.19.191.28

200 OK

2.5 kB

URL HTTP/2
go-afs.com/media/w0tb3wi3/viewsolutions_button.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2533 bytes)
Hash
f87b2de9149ba2dfa737b0ddfd969267
03d71c869ee46d9007d8a490f551360db8919b92
e6c0d84008c99d9b66a23874653b076b573c79a727c93ed045a8ed90c8e92c23

HTTP Headers

GET /media/w0tb3wi3/viewsolutions_button.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 2533
cf-ray: 74e203196b18b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD6470ECF1"
last-modified: Tue, 27 Apr 2021 20:45:28 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a79e3fb6006915f9224684bbf94e54f6
8634c28b2be5a6ee744fa4627853f5fc9a8547f8
500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Last-Modified: Wed, 21 Sep 2022 08:52:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

go-afs.com/media/xdrk3iwo/aboutus.png

104.19.191.28

200 OK

2.1 kB

URL HTTP/2
go-afs.com/media/xdrk3iwo/aboutus.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 190 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2090 bytes)
Hash
9bfddad5304640bb23b3783a2a1b24ec
e7bdceb01fed2fe0ef210644f0a21da2847855d5
6a618f22e694f059b2523aab8a06dcb564bee0dd579580c563038422c4961fd3

HTTP Headers

GET /media/xdrk3iwo/aboutus.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 2090
cf-ray: 74e203196b16b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E4400DD4C0"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/yqylx5zc/afs-logo.png

104.19.191.28

200 OK

14 kB

URL HTTP/2
go-afs.com/media/yqylx5zc/afs-logo.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1127 x 269, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14086 bytes)
Hash
fcda80c0d6981e329a3f8ef62ea34b59
f2aec2e00b02579f92e2d4dbb027fab333fe5863
2d99db72788c6e470b5b55c7043add272660fbb8e9a2dc9a897c48604a36fc36

HTTP Headers

GET /media/yqylx5zc/afs-logo.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 14086
cf-ray: 74e203196b13b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E440BCD0C5"
last-modified: Wed, 21 Apr 2021 16:41:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/eqtlfkfq/learnmore_button.png

104.19.191.28

200 OK

1.9 kB

URL HTTP/2
go-afs.com/media/eqtlfkfq/learnmore_button.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1908 bytes)
Hash
57db6b0adf9eb65bb3d072d057cfd650
9d84b2da4e4882695733144ecb21530d2b34426e
67af8bc7ebb72efd06a3b561d3e7e6f1eb4ee58e273f362e1eaced1205781445

HTTP Headers

GET /media/eqtlfkfq/learnmore_button.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 1908
cf-ray: 74e203196b19b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD641219DA"
last-modified: Tue, 27 Apr 2021 20:45:28 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH

142.250.74.72

200 OK

50 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3649)
Size
50 kB (50327 bytes)
Hash
7921b3108dad0c002954d3d0f9f69d43
fb575a0ab341b4b7a114cb0a2d1863dadb057fd2
8f11dffef588e276698deabf7d89f70bc0a8004ad1a5e66d3ad6562506870e6b

HTTP Headers

GET /gtm.js?id=GTM-PX5QPGH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 10:10:37 GMT
expires: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go-afs.com/media/kbebcvpt/home-prod-mobilesolutions.png

104.19.191.28

200 OK

130 kB

URL HTTP/2
go-afs.com/media/kbebcvpt/home-prod-mobilesolutions.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
130 kB (130156 bytes)
Hash
fe0cc8a6d85c20197f36856ac025fcb2
823541b158488c9ace9ee6a479c15b87e9a35236
5dadd940bf5d9b45a0cf5036febf4ea1bf315de4507084d1cb49e6386967f1bf

HTTP Headers

GET /media/kbebcvpt/home-prod-mobilesolutions.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 130156
cf-ray: 74e203197b1fb512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FBD35D4"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id

142.250.74.72

200 OK

36 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
36 kB (36028 bytes)
Hash
db743b1cc4eb86b4022efa3dc34a4a77
4be98cc69844a03d902e85bd38e4693008ad55cb
6e47d741a8c62233f9f271e12a9a989de850766e4b4dda92ee9554f3b2972b18

HTTP Headers

GET /gtag/js?id HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 10:10:37 GMT
expires: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go-afs.com/media/ffblbefg/home-prod-apexgateway.png

104.19.191.28

200 OK

100 kB

URL HTTP/2
go-afs.com/media/ffblbefg/home-prod-apexgateway.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
100 kB (99639 bytes)
Hash
83e8ddd96fd70e5fef41346a2a35569a
a1ee75bc9dba6a2dccf08ed301521d91df054e75
6a857edee11cdf36d8233b8a8935593e322448dc96a43741f56f5a1841572bd9

HTTP Headers

GET /media/ffblbefg/home-prod-apexgateway.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 99639
cf-ray: 74e203196b1cb512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FF258B4"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/z1kijiho/home-prod-pos.png

104.19.191.28

200 OK

180 kB

URL HTTP/2
go-afs.com/media/z1kijiho/home-prod-pos.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
180 kB (179530 bytes)
Hash
b5de5f81a83027c5f138d20a59334013
afae40d722d46afa59decc0175b8881227dc4387
b0580b7d38d646776cd31abb1c4b57dee757aff6341dad39e879e4b765155f80

HTTP Headers

GET /media/z1kijiho/home-prod-pos.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 179530
cf-ray: 74e203197b21b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E4400BD891"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/tcklmknd/home-prod-apexnow.jpg

104.19.191.28

200 OK

30 kB

URL HTTP/2
go-afs.com/media/tcklmknd/home-prod-apexnow.jpg
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 350x350, components 3\012- data
Size
30 kB (30166 bytes)
Hash
35ead69e610fa8d9a962fd32a880928d
9dfe5b161b5479837a570556b04fc32487193c0a
44685552aeffe93f55b3037665f67cc65efde710c10880b99c9293868eaafba4

HTTP Headers

GET /media/tcklmknd/home-prod-apexnow.jpg HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/jpeg
content-length: 30166
cf-ray: 74e203197b1eb512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D9D784F6F572D9"
last-modified: Fri, 14 Jan 2022 17:40:32 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/4qzg0o0p/home-prod-cashdiscount.png

104.19.191.28

200 OK

215 kB

URL HTTP/2
go-afs.com/media/4qzg0o0p/home-prod-cashdiscount.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
215 kB (215396 bytes)
Hash
56256e8185c8a3c45079a9abe073ebe8
7d821f409a1b35a9036c028481cfbc43f54e4a20
d756ca504170af170f651d0e75f3bda483bdd8b7c2a227dca665e67f88e84b69

HTTP Headers

GET /media/4qzg0o0p/home-prod-cashdiscount.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 215396
cf-ray: 74e203197b20b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43F44E399"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/ofvj21qx/home-prod-apexconnect.png

104.19.191.28

200 OK

145 kB

URL HTTP/2
go-afs.com/media/ofvj21qx/home-prod-apexconnect.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
145 kB (144628 bytes)
Hash
1163048b05db50b653140383f2a3a772
8d086b85d565ae0aea442edea57a9d0556b67e07
56fdaa32970710019cfb009c29c5680207efb3b893eff6529e58c5450a64a5b0

HTTP Headers

GET /media/ofvj21qx/home-prod-apexconnect.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 144628
cf-ray: 74e203196b1ab512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FD507A7"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/sjikc3vs/greenbutton.png

104.19.191.28

200 OK

438 B

URL HTTP/2
go-afs.com/media/sjikc3vs/greenbutton.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
438 B (438 bytes)
Hash
bcb27513092300d14cab6e5f0b130d5c
8b9fe7bee3778564449dae849543d78a9e424723
bf9014283dce47aab3a32df8c60558c48e898c8f2f07dc3968d702505deffff6

HTTP Headers

GET /media/sjikc3vs/greenbutton.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:38 GMT
content-type: image/png
content-length: 438
cf-ray: 74e2031afd83b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD6379B579"
last-modified: Tue, 27 Apr 2021 20:45:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 92377
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10976
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:10:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10976
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:10:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10976
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:10:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 42941
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12654 bytes)
Hash
f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 12283
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8826 bytes)
Hash
4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:48:37 GMT
age: 44521
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 53526
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6897 bytes)
Hash
8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 509dc368-dd1c-4be7-94ff-64dbd53c199f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoqoRG2WIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63268b01-1cb916c251fd5f2f3cf10435;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:05:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vs0CTuiAdjRtfJD9qX9S5R07Hw6BWfiOAT50GwTdiSETdoqr2FNsyw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 04:14:25 GMT
age: 21373
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7507 bytes)
Hash
4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 42321
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/qyonp1px/afswelcome_hero.png

104.19.191.28

200 OK

2.4 MB

URL HTTP/2
go-afs.com/media/qyonp1px/afswelcome_hero.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1918 x 957, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 MB (2381079 bytes)
Hash
1566baa63d14e1e12caf5c524a92af40
df8a320fc19be2acdcc3d75af183a1374010e885
84df20c5a880d21b5247e56936d93178fc6239275b75afddaadedc0ac6f1520b

HTTP Headers

GET /media/qyonp1px/afswelcome_hero.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:38 GMT
content-type: image/png
content-length: 2381079
cf-ray: 74e2031aed69b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D960D005CCF6D8"
last-modified: Mon, 16 Aug 2021 16:08:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 08:41:12 GMT
expires: Wed, 21 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 5366
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go-afs.com/media/2dpb1oqo/favicon.png

104.19.191.28

200 OK

687 B

URL HTTP/2
go-afs.com/media/2dpb1oqo/favicon.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
687 B (687 bytes)
Hash
383c2ee8e0aabc3c65afc4cd2dcd2bed
2e4060252e611c1c1214be7c556e84f7cfd0cab0
adaf7d160c4cc7e300f5b7d4f623ed1839b3d8d1baf4b674f36fc98a62947585

HTTP Headers

GET /media/2dpb1oqo/favicon.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1; _gcl_au=1.1.1633729557.1663755038
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:38 GMT
content-type: image/png
content-length: 687
cf-ray: 74e2031eeaa9b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D91F0FA11DF441"
last-modified: Mon, 24 May 2021 23:57:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
16 kB (15693 bytes)
Hash
890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 21 Sep 2022 10:10:38 GMT
expires: Wed, 21 Sep 2022 10:10:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&gjid=2000018762&_gid=628111740.1663755039&_u=YEBAAEAAAAAAAC~&z=1919478995

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&gjid=2000018762&_gid=628111740.1663755039&_u=YEBAAEAAAAAAAC~&z=1919478995
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&gjid=2000018762&_gid=628111740.1663755039&_u=YEBAAEAAAAAAAC~&z=1919478995 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 10:10:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&gjid=1508333012&_gid=628111740.1663755039&_u=YEDAAUABAAAAAC~&z=2084882912

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&gjid=1508333012&_gid=628111740.1663755039&_u=YEDAAUABAAAAAC~&z=2084882912
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&gjid=1508333012&_gid=628111740.1663755039&_u=YEDAAUABAAAAAC~&z=2084882912 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 10:10:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.40/clarity.js

13.107.227.53

200 OK

24 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.40/clarity.js
IP
13.107.227.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54745)
Size
24 kB (24486 bytes)
Hash
25d5a0784850479d5fd0fc2dfe7bf04b
edbf12ed40a61cf301cf879e15d6929a805d108c
697927de943ffc88a20f2f608b5875d716bb2d8c43f33a57a72e95f6f55cd5fa

HTTP Headers

GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8c7baa5622330"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0HuMqYwAAAAD8N2nbcQEyT4ToHFaCoDQ/T1NMMjMxMDUwMjAzMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 21 Sep 2022 10:10:38 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/444627646/?random=1663755038882&cv=9&fst=1663754400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=3248426018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/444627646/?random=1663755038882&cv=9&fst=1663754400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=3248426018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/444627646/?random=1663755038882&cv=9&fst=1663754400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=3248426018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&_u=YEDAAUABAAAAAC~&z=279512132

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&_u=YEDAAUABAAAAAC~&z=279512132
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&_u=YEDAAUABAAAAAC~&z=279512132 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&_u=YEBAAEAAAAAAAC~&z=818952996

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&_u=YEBAAEAAAAAAAC~&z=818952996
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&_u=YEBAAEAAAAAAAC~&z=818952996 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2B239DADDDD16BEA1AE58F8BD9D16536; domain=.clarity.ms; expires=Mon, 16-Oct-2023 10:10:39 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 21 Sep 2022 10:10:38 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=230A1FAA051E624014460D8C0449638F; domain=c.bing.com; expires=Mon, 16-Oct-2023 10:10:39 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEDECF2A8C9E48C4851C9EE12D555DFE Ref B: OSL30EDGE0414 Ref C: 2022-09-21T10:10:39Z
date: Wed, 21 Sep 2022 10:10:38 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 21-Sep-2022 10:20:39 GMT; path=/; SameSite=None; Secure;
date: Wed, 21 Sep 2022 10:10:38 GMT
content-length: 42
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 521
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 10:10:39 GMT
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE&gtm=2oe9j0&_p=87798840&cid=282442245.1663755039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663755038&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE&gtm=2oe9j0&_p=87798840&cid=282442245.1663755039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663755038&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9QVVWF40FE&gtm=2oe9j0&_p=87798840&cid=282442245.1663755039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663755038&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://go-afs.com
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 38617
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 10:10:39 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 916
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 10:10:41 GMT
X-Firefox-Spdy: h2

go-afs.com/media/zetbjpgz/gateway_hero.png

104.19.191.28

200 OK

2.1 MB

URL HTTP/2
go-afs.com/media/zetbjpgz/gateway_hero.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1918 x 957, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 MB (2143459 bytes)
Hash
b6fb8459f4d7e52ff16894f1e8a4d3b3
e6fa78468a326de7b221dc1bb830074e2c4b2e1c
b948cf2443d69a25748ffbdf604f599ea0d1897d4a0c4f245ad49678d67fb23a

HTTP Headers

GET /media/zetbjpgz/gateway_hero.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1; _gcl_au=1.1.1633729557.1663755038; _ga=GA1.1.282442245.1663755039; _gid=GA1.2.628111740.1663755039; _gat_UA-128791235-2=1; _gat_gtag_UA_128791235_2=1; _ga_9QVVWF40FE=GS1.1.1663755038.1.0.1663755038.0.0.0; _clck=n2bf11|1|f52|0; _clsk=119kvys|1663755039470|1|1|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:44 GMT
content-type: image/png
content-length: 2143459
cf-ray: 74e203420901b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D960D027C21145"
last-modified: Mon, 16 Aug 2021 16:08:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4789 bytes)
Hash
4df06b3e4176e8f080c997bfae578142
0850ed5db509f8a75439eca5866c2bb6ca3195d3
43e8bfd931d778ac5ebf2d4a8c9915cb05394b6499f9a8575cfc8ce93edd7d92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4789
x-amzn-requestid: 36ce3b9d-d2aa-4975-86e5-22875944d707
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiqljEIKoAMFhPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63242489-1a31957361790e766b8355c6;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:23:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uNmY94pnSglVwSsx4oEaFrQqFI0bxeVzH8o8PYApgHQk_CSrkk2R1g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:20:09 GMT
age: 42635
etag: "0850ed5db509f8a75439eca5866c2bb6ca3195d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

104.18.47.230

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
104.18.47.230:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e20316c933b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js

104.19.191.28

200 OK

0 B

URL HTTP/2
go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/x-javascript
cf-ray: 74e203196b0ab512-OSL
etag: W/"86755d19bcbd71:0"
last-modified: Wed, 27 Oct 2021 08:17:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,700

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 10:10:37 GMT
date: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13

104.17.208.37

307 Temporary Redirect

0 B

URL HTTP/2
goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13
IP
104.17.208.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13 HTTP/1.1
Host: goafs.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
date: Wed, 21 Sep 2022 10:10:36 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13&r_done=1
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e203121e6b0b3d-OSL
X-Firefox-Spdy: h2

go-afs.com/DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580

104.19.191.28

200 OK

0 B

URL HTTP/2
go-afs.com/DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580 HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css
cf-ray: 74e203196b06b512-OSL
cache-control: public, must-revalidate, proxy-revalidate, max-age=383535, s-maxage=383535
etag: W/"4bd459398052b0208c952e4051514dbd"
expires: Sun, 25 Sep 2022 20:42:53 GMT
last-modified: Thu, 15 Sep 2022 20:42:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 13065844
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e20319bcf6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito|LibreBaskerville

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Nunito|LibreBaskerville
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Nunito|LibreBaskerville HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 10:10:37 GMT
date: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13

104.17.208.37

302 Found

0 B

URL HTTP/2
leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13
IP
104.17.208.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 21 Sep 2022 10:10:36 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e2030d787ab506-OSL
X-Firefox-Spdy: h2

leads.go-afs.com/cdn-cgi/rum?

104.17.208.37

200 OK

0 B

URL HTTP/2
leads.go-afs.com/cdn-cgi/rum?
IP
104.17.208.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 330
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13&r_done=1
Cookie: kartra_visited=a4d2fcb8893f27d5c03d3e00e7df4304c88f8de5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/plain
access-control-allow-origin: https://leads.go-afs.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 74e203191a5cb506-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580

104.19.191.28

200 OK

0 B

URL HTTP/2
go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/x-javascript
cf-ray: 74e203197b23b512-OSL
cache-control: public, must-revalidate, proxy-revalidate, max-age=383535, s-maxage=383535
etag: W/"8184d85837fe845d751fe87b91b6590b"
expires: Sun, 25 Sep 2022 20:42:53 GMT
last-modified: Thu, 15 Sep 2022 20:42:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations