| w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13 | 3.223.208.36 | 302 Found | 176 B |
URL HTTP/1.1w1.mssxhb.com/prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13 IP3.223.208.36:0
File typeHTML document, ASCII text, with no line terminators Hash0c5f1023dd70a00102fecb30dcd33dfe 8031bf1b6403eb3222d4c2958c3fd26a7345a83f d517c6ba9b71ad5d81949164ed3f62e973da0858a37c36747e19d7242f0f8e21
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /prod/2418e256-f40b-464b-b6f5-e3cae742abf6/a4b733f1-fd5a-4545-b662-14ddd84e5e13 HTTP/1.1
Host: w1.mssxhb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 10:10:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 176
Connection: keep-alive
X-Powered-By: Express
Location: https://leads.go-afs.com?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13
Vary: Accept
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha26d0784548ecab22f417f3d689daf23 8893b79366bbadeb5c8d587b8f023e310694df1c 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10296
Expires: Wed, 21 Sep 2022 13:02:11 GMT
Date: Wed, 21 Sep 2022 10:10:35 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash804f8bbb7f556d51a5f52d5ebd5b6eef 922cd7e06df278615a04abb81d811d14596c8180 ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xrNvnWLd0-kPOLnSp3LZBY0WC_iUfXXMnLk5PVWLUS_zod10cH_-cA==
Age: 3372
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gntkHgeSOt3VVzxo5EMigKAtuaxbCsr2DkirnGHL37V6BhoP98vEWg==
age: 20122
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:10:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 10:03:22 GMT
Expires: Wed, 21 Sep 2022 10:46:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ER8Qe0pXO5GBaumoP0PTWJbtKYfwj5I6zjnwPnUV8AgzveB99jqQJQ==
Age: 434
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashff6d50919e56aed75c47feb45ee2f2ec 98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:36 GMT
Last-Modified: Wed, 21 Sep 2022 09:37:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 44.228.207.167 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.228.207.167:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x0B/noDaE7CtPR3oemIeGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GG3LFTVDQnXetyGvORX7NE6NI3g=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hasha79e3fb6006915f9224684bbf94e54f6 8634c28b2be5a6ee744fa4627853f5fc9a8547f8 500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Last-Modified: Wed, 21 Sep 2022 08:52:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css | 104.17.24.14 | 200 OK | 16 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css IP104.17.24.14:0
File typeASCII text, with very long lines (65371) Hash875b3995d53e3efea3a5ed7361c379b7 f26a84d323fd0360bb187f14060dd63428001ae6 016fe2dcd08d54bdeacf2ad22011d1be4ff4af36b10d09877493b54bd96924ff
GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css; charset=utf-8
content-length: 16149
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1d970"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2982671
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4Em19C5SLLepztJaBjIELKc1SR8fhrEDWO0JlOF5dq3E8pIZVk3n6f7YeMXTY1ZrKP1YWbNmhHOMrriZkvysQ8OIAIsd%2FfPBcazrhCRCLME%2FrgSQcexfMq4RBkoR8yfBFQmBD7m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e203199ebdb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css | 104.17.24.14 | 200 OK | 2.2 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css IP104.17.24.14:0
File typeASCII text, with very long lines (23192) Hashd1477fb3750ad4227cfa772eb8f59422 c91fe036833895dd86d86bd32ae665a0a606b57b fa7d1f55a4e0d4a7c1837b0366a5a020493e2a29f610731f03314cd3fd4e6a3f
GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css; charset=utf-8
content-length: 2209
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-5b71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9032676
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRubF7ZFcLCdFc7VdBzGmbiiKM0Cy5KJPxgwI3KZrJ4hnD4drNOEUhNgP%2BA14VDB8o%2BnS8nr7xxCNu0iBmNpoH7B7zdpyfzRFmE0WDaSfGrVvp2cRBwvoIt0Px0W632NSTZxcWZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e20319bedeb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js | 104.17.24.14 | 200 OK | 8.7 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (32033) Hash76414c3526ac371cfa2bc8bfb3c12d55 656685d9714d0e3e1ba3f0031e3b573029f9cfbc 0740f3cbd3996283f7a1883aec212ea3d1f611f77e42763ca606e634fd74c19e
GET /ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 8722
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-90b5"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6095509
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW%2FEdWuAMs4IsVYNnPyggyEH2SHbgG%2BqWK0HQK3QrGFktkd7%2FUJ35A3wiKxr4OiTR3lDlW9QKq4TZXLXAd23qCZW7JJyI%2FWTy51d3rGCYbKw97IBwwMWxRCN77WYY9qU10fEP1W8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e20319df04b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js | 104.17.24.14 | 200 OK | 30 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (32077) Hash5e4764d3c94d1a1db8c3d0890278b6d1 e5171f2f46e16d32df5f634ba21e47256fa9689c 5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1099191
expires: Mon, 11 Sep 2023 10:10:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noL1b1qFtdA%2B7VDLpeAKPputF1hpRjx%2Bt%2F%2FBk7FC4nKg30VROW%2F0s1BILlG7330QwFC8bmKTGstDXiuDpoNn0wtizjUCmEjjtIgHjbIyoiuM8ovYMthp5fBesqavP3q8w%2BYZ4KPy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e20319ef15b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash596ea0e7cffcb12819c214fd7e55e6b5 fdf581b35743d7693bf8c7f6154471a1b2646f06 a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashe5d7d983b288c67e17280c6a1c0d80d9 8a1e575f8b8427e872c1e4c5645d9ce3e5445e52 a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| go-afs.com/media/w0tb3wi3/viewsolutions_button.png | 104.19.191.28 | 200 OK | 2.5 kB |
URL HTTP/2go-afs.com/media/w0tb3wi3/viewsolutions_button.png IP104.19.191.28:0
File typePNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data Hashf87b2de9149ba2dfa737b0ddfd969267 03d71c869ee46d9007d8a490f551360db8919b92 e6c0d84008c99d9b66a23874653b076b573c79a727c93ed045a8ed90c8e92c23
GET /media/w0tb3wi3/viewsolutions_button.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 2533
cf-ray: 74e203196b18b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD6470ECF1"
last-modified: Tue, 27 Apr 2021 20:45:28 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hasha79e3fb6006915f9224684bbf94e54f6 8634c28b2be5a6ee744fa4627853f5fc9a8547f8 500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Last-Modified: Wed, 21 Sep 2022 08:52:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
|
|
| go-afs.com/media/xdrk3iwo/aboutus.png | 104.19.191.28 | 200 OK | 2.1 kB |
URL HTTP/2go-afs.com/media/xdrk3iwo/aboutus.png IP104.19.191.28:0
File typePNG image data, 190 x 50, 8-bit/color RGBA, non-interlaced\012- data Hash9bfddad5304640bb23b3783a2a1b24ec e7bdceb01fed2fe0ef210644f0a21da2847855d5 6a618f22e694f059b2523aab8a06dcb564bee0dd579580c563038422c4961fd3
GET /media/xdrk3iwo/aboutus.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 2090
cf-ray: 74e203196b16b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E4400DD4C0"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashe5d7d983b288c67e17280c6a1c0d80d9 8a1e575f8b8427e872c1e4c5645d9ce3e5445e52 a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| go-afs.com/media/yqylx5zc/afs-logo.png | 104.19.191.28 | 200 OK | 14 kB |
URL HTTP/2go-afs.com/media/yqylx5zc/afs-logo.png IP104.19.191.28:0
File typePNG image data, 1127 x 269, 8-bit/color RGBA, non-interlaced\012- data Hashfcda80c0d6981e329a3f8ef62ea34b59 f2aec2e00b02579f92e2d4dbb027fab333fe5863 2d99db72788c6e470b5b55c7043add272660fbb8e9a2dc9a897c48604a36fc36
GET /media/yqylx5zc/afs-logo.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 14086
cf-ray: 74e203196b13b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E440BCD0C5"
last-modified: Wed, 21 Apr 2021 16:41:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash596ea0e7cffcb12819c214fd7e55e6b5 fdf581b35743d7693bf8c7f6154471a1b2646f06 a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| go-afs.com/media/eqtlfkfq/learnmore_button.png | 104.19.191.28 | 200 OK | 1.9 kB |
URL HTTP/2go-afs.com/media/eqtlfkfq/learnmore_button.png IP104.19.191.28:0
File typePNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data Hash57db6b0adf9eb65bb3d072d057cfd650 9d84b2da4e4882695733144ecb21530d2b34426e 67af8bc7ebb72efd06a3b561d3e7e6f1eb4ee58e273f362e1eaced1205781445
GET /media/eqtlfkfq/learnmore_button.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 1908
cf-ray: 74e203196b19b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD641219DA"
last-modified: Tue, 27 Apr 2021 20:45:28 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH | 142.250.74.72 | 200 OK | 50 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH IP142.250.74.72:0
File typeASCII text, with very long lines (3649) Hash7921b3108dad0c002954d3d0f9f69d43 fb575a0ab341b4b7a114cb0a2d1863dadb057fd2 8f11dffef588e276698deabf7d89f70bc0a8004ad1a5e66d3ad6562506870e6b
GET /gtm.js?id=GTM-PX5QPGH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 10:10:37 GMT
expires: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/kbebcvpt/home-prod-mobilesolutions.png | 104.19.191.28 | 200 OK | 130 kB |
URL HTTP/2go-afs.com/media/kbebcvpt/home-prod-mobilesolutions.png IP104.19.191.28:0
File typePNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data Size130 kB (130156 bytes) Hashfe0cc8a6d85c20197f36856ac025fcb2 823541b158488c9ace9ee6a479c15b87e9a35236 5dadd940bf5d9b45a0cf5036febf4ea1bf315de4507084d1cb49e6386967f1bf
GET /media/kbebcvpt/home-prod-mobilesolutions.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 130156
cf-ray: 74e203197b1fb512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FBD35D4"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id | 142.250.74.72 | 200 OK | 36 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id IP142.250.74.72:0
File typeASCII text, with very long lines (1720) Hashdb743b1cc4eb86b4022efa3dc34a4a77 4be98cc69844a03d902e85bd38e4693008ad55cb 6e47d741a8c62233f9f271e12a9a989de850766e4b4dda92ee9554f3b2972b18
GET /gtag/js?id HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 10:10:37 GMT
expires: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/ffblbefg/home-prod-apexgateway.png | 104.19.191.28 | 200 OK | 100 kB |
URL HTTP/2go-afs.com/media/ffblbefg/home-prod-apexgateway.png IP104.19.191.28:0
File typePNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data Hash83e8ddd96fd70e5fef41346a2a35569a a1ee75bc9dba6a2dccf08ed301521d91df054e75 6a857edee11cdf36d8233b8a8935593e322448dc96a43741f56f5a1841572bd9
GET /media/ffblbefg/home-prod-apexgateway.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 99639
cf-ray: 74e203196b1cb512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FF258B4"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/z1kijiho/home-prod-pos.png | 104.19.191.28 | 200 OK | 180 kB |
URL HTTP/2go-afs.com/media/z1kijiho/home-prod-pos.png IP104.19.191.28:0
File typePNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data Size180 kB (179530 bytes) Hashb5de5f81a83027c5f138d20a59334013 afae40d722d46afa59decc0175b8881227dc4387 b0580b7d38d646776cd31abb1c4b57dee757aff6341dad39e879e4b765155f80
GET /media/z1kijiho/home-prod-pos.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 179530
cf-ray: 74e203197b21b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E4400BD891"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/tcklmknd/home-prod-apexnow.jpg | 104.19.191.28 | 200 OK | 30 kB |
URL HTTP/2go-afs.com/media/tcklmknd/home-prod-apexnow.jpg IP104.19.191.28:0
File typeJPEG image data, progressive, precision 8, 350x350, components 3\012- data Hash35ead69e610fa8d9a962fd32a880928d 9dfe5b161b5479837a570556b04fc32487193c0a 44685552aeffe93f55b3037665f67cc65efde710c10880b99c9293868eaafba4
GET /media/tcklmknd/home-prod-apexnow.jpg HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/jpeg
content-length: 30166
cf-ray: 74e203197b1eb512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D9D784F6F572D9"
last-modified: Fri, 14 Jan 2022 17:40:32 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/4qzg0o0p/home-prod-cashdiscount.png | 104.19.191.28 | 200 OK | 215 kB |
URL HTTP/2go-afs.com/media/4qzg0o0p/home-prod-cashdiscount.png IP104.19.191.28:0
File typePNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data Size215 kB (215396 bytes) Hash56256e8185c8a3c45079a9abe073ebe8 7d821f409a1b35a9036c028481cfbc43f54e4a20 d756ca504170af170f651d0e75f3bda483bdd8b7c2a227dca665e67f88e84b69
GET /media/4qzg0o0p/home-prod-cashdiscount.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 215396
cf-ray: 74e203197b20b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43F44E399"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/ofvj21qx/home-prod-apexconnect.png | 104.19.191.28 | 200 OK | 145 kB |
URL HTTP/2go-afs.com/media/ofvj21qx/home-prod-apexconnect.png IP104.19.191.28:0
File typePNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data Size145 kB (144628 bytes) Hash1163048b05db50b653140383f2a3a772 8d086b85d565ae0aea442edea57a9d0556b67e07 56fdaa32970710019cfb009c29c5680207efb3b893eff6529e58c5450a64a5b0
GET /media/ofvj21qx/home-prod-apexconnect.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: image/png
content-length: 144628
cf-ray: 74e203196b1ab512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FD507A7"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash596ea0e7cffcb12819c214fd7e55e6b5 fdf581b35743d7693bf8c7f6154471a1b2646f06 a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashe5d7d983b288c67e17280c6a1c0d80d9 8a1e575f8b8427e872c1e4c5645d9ce3e5445e52 a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| go-afs.com/media/sjikc3vs/greenbutton.png | 104.19.191.28 | 200 OK | 438 B |
URL HTTP/2go-afs.com/media/sjikc3vs/greenbutton.png IP104.19.191.28:0
File typePNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data Hashbcb27513092300d14cab6e5f0b130d5c 8b9fe7bee3778564449dae849543d78a9e424723 bf9014283dce47aab3a32df8c60558c48e898c8f2f07dc3968d702505deffff6
GET /media/sjikc3vs/greenbutton.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:38 GMT
content-type: image/png
content-length: 438
cf-ray: 74e2031afd83b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD6379B579"
last-modified: Tue, 27 Apr 2021 20:45:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 92377
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10976
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:10:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10976
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:10:38 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10976
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 10:10:38 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha692964324dbb9c460a1b855808d02e6 1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 42941
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf7b780d39877eea116277625aaa01f1b d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 12283
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4eb6d1b35f680bfec656941b6167fd23 344c6000dbdafdb5105edc93a082d640c3e95ddc 67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:48:37 GMT
age: 44521
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14e6ddceb639a5f4875aecb796f95c79 b1cd04a66852694284eeef16a1cde38896e33c03 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 53526
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8bae3a7a80ff40df1d701dfc925ddeff 91df60162a8322469cada0dd8eb93619f28aec1a fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 509dc368-dd1c-4be7-94ff-64dbd53c199f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoqoRG2WIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63268b01-1cb916c251fd5f2f3cf10435;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:05:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vs0CTuiAdjRtfJD9qX9S5R07Hw6BWfiOAT50GwTdiSETdoqr2FNsyw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 04:14:25 GMT
age: 21373
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4d98acc059a69d51165fb5e0c7430ea3 09bd3300d710c3212483159f8398b84cde09da26 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 42321
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| go-afs.com/media/qyonp1px/afswelcome_hero.png | 104.19.191.28 | 200 OK | 2.4 MB |
URL HTTP/2go-afs.com/media/qyonp1px/afswelcome_hero.png IP104.19.191.28:0
File typePNG image data, 1918 x 957, 8-bit/color RGBA, non-interlaced\012- data Size2.4 MB (2381079 bytes) Hash1566baa63d14e1e12caf5c524a92af40 df8a320fc19be2acdcc3d75af183a1374010e885 84df20c5a880d21b5247e56936d93178fc6239275b75afddaadedc0ac6f1520b
GET /media/qyonp1px/afswelcome_hero.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:38 GMT
content-type: image/png
content-length: 2381079
cf-ray: 74e2031aed69b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D960D005CCF6D8"
last-modified: Mon, 16 Aug 2021 16:08:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hashcae538dcce82598fbe43c0bf443e62dd cc68ac6be9c5e0087a0000e5735b83270ace30f5 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 08:41:12 GMT
expires: Wed, 21 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 5366
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/2dpb1oqo/favicon.png | 104.19.191.28 | 200 OK | 687 B |
URL HTTP/2go-afs.com/media/2dpb1oqo/favicon.png IP104.19.191.28:0
File typePNG image data, 25 x 23, 8-bit/color RGBA, non-interlaced\012- data Hash383c2ee8e0aabc3c65afc4cd2dcd2bed 2e4060252e611c1c1214be7c556e84f7cfd0cab0 adaf7d160c4cc7e300f5b7d4f623ed1839b3d8d1baf4b674f36fc98a62947585
GET /media/2dpb1oqo/favicon.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1; _gcl_au=1.1.1633729557.1663755038
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:38 GMT
content-type: image/png
content-length: 687
cf-ray: 74e2031eeaa9b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D91F0FA11DF441"
last-modified: Mon, 24 May 2021 23:57:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash67b756e82caefc7860b9f2d4a4f40341 adeae15d52089bcca4ca247fc4aebceef8406e34 72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/pagead/conversion_async.js | 142.250.74.164 | 200 OK | 16 kB |
URL HTTP/2www.google.com/pagead/conversion_async.js IP142.250.74.164:0
File typeASCII text, with very long lines (1654) Hash890f716858b5f72587e47c5eca121cb5 91871a0acd9a0ab644d51036bb5ca0c3bdc5e687 7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 21 Sep 2022 10:10:38 GMT
expires: Wed, 21 Sep 2022 10:10:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbb4bdc4c3c6869c822618f0b9ef1bdc5 6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash9baaa3878151bf5d83c8d7014da17e5d d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037 1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash9baaa3878151bf5d83c8d7014da17e5d d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037 1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&gjid=2000018762&_gid=628111740.1663755039&_u=YEBAAEAAAAAAAC~&z=1919478995 | 142.251.1.155 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&gjid=2000018762&_gid=628111740.1663755039&_u=YEBAAEAAAAAAAC~&z=1919478995 IP142.251.1.155:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&gjid=2000018762&_gid=628111740.1663755039&_u=YEBAAEAAAAAAAC~&z=1919478995 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 10:10:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&gjid=1508333012&_gid=628111740.1663755039&_u=YEDAAUABAAAAAC~&z=2084882912 | 142.251.1.155 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&gjid=1508333012&_gid=628111740.1663755039&_u=YEDAAUABAAAAAC~&z=2084882912 IP142.251.1.155:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&gjid=1508333012&_gid=628111740.1663755039&_u=YEDAAUABAAAAAC~&z=2084882912 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 10:10:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.clarity.ms/eus2/s/0.6.40/clarity.js | 13.107.227.53 | 200 OK | 24 kB |
URL HTTP/2www.clarity.ms/eus2/s/0.6.40/clarity.js IP13.107.227.53:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeUnicode text, UTF-8 text, with very long lines (54745) Hash25d5a0784850479d5fd0fc2dfe7bf04b edbf12ed40a61cf301cf879e15d6929a805d108c 697927de943ffc88a20f2f608b5875d716bb2d8c43f33a57a72e95f6f55cd5fa
GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8c7baa5622330"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0HuMqYwAAAAD8N2nbcQEyT4ToHFaCoDQ/T1NMMjMxMDUwMjAzMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 21 Sep 2022 10:10:38 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash9baaa3878151bf5d83c8d7014da17e5d d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037 1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash9baaa3878151bf5d83c8d7014da17e5d d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037 1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashfde987c85b17b2242afddd76c3fd3b62 08e87b8185fc39462e6b331d565a864df2fd5865 49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashfde987c85b17b2242afddd76c3fd3b62 08e87b8185fc39462e6b331d565a864df2fd5865 49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashfde987c85b17b2242afddd76c3fd3b62 08e87b8185fc39462e6b331d565a864df2fd5865 49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/pagead/1p-user-list/444627646/?random=1663755038882&cv=9&fst=1663754400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=3248426018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/444627646/?random=1663755038882&cv=9&fst=1663754400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=3248426018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/444627646/?random=1663755038882&cv=9&fst=1663754400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=3248426018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&_u=YEDAAUABAAAAAC~&z=279512132 | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&_u=YEDAAUABAAAAAC~&z=279512132 IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=868622507&_u=YEDAAUABAAAAAC~&z=279512132 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&_u=YEBAAEAAAAAAAC~&z=818952996 | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&_u=YEBAAEAAAAAAAC~&z=818952996 IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=282442245.1663755039&jid=131897339&_u=YEBAAEAAAAAAAC~&z=818952996 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashfde987c85b17b2242afddd76c3fd3b62 08e87b8185fc39462e6b331d565a864df2fd5865 49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| c.clarity.ms/c.gif | 20.234.93.27 | 302 Found | 0 B |
IP20.234.93.27:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2B239DADDDD16BEA1AE58F8BD9D16536; domain=.clarity.ms; expires=Mon, 16-Oct-2023 10:10:39 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 21 Sep 2022 10:10:38 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.bing.com/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536 | 204.79.197.200 | 302 Found | 0 B |
URL HTTP/2c.bing.com/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536 IP204.79.197.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&RedC=c.clarity.ms&MXFR=2B239DADDDD16BEA1AE58F8BD9D16536 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=230A1FAA051E624014460D8C0449638F; domain=c.bing.com; expires=Mon, 16-Oct-2023 10:10:39 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEDECF2A8C9E48C4851C9EE12D555DFE Ref B: OSL30EDGE0414 Ref C: 2022-09-21T10:10:39Z
date: Wed, 21 Sep 2022 10:10:38 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.clarity.ms/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F | 20.234.93.27 | 200 OK | 42 B |
URL HTTP/2c.clarity.ms/c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F IP20.234.93.27:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeGIF image data, version 89a, 1 x 1\012- data Hash32023bb33cfb2a1990a4ef2d85b6ac16 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=4132881FDAF548CB84B383571F6D5798&MUID=230A1FAA051E624014460D8C0449638F HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 21-Sep-2022 10:20:39 GMT; path=/; SameSite=None; Secure;
date: Wed, 21 Sep 2022 10:10:38 GMT
content-length: 42
X-Firefox-Spdy: h2
|
|
| b.clarity.ms/collect | 20.75.32.255 | 204 No Content | 0 B |
IP20.75.32.255:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 521
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 10:10:39 GMT
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE>m=2oe9j0&_p=87798840&cid=282442245.1663755039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663755038&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_ss=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE>m=2oe9j0&_p=87798840&cid=282442245.1663755039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663755038&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_ss=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9QVVWF40FE>m=2oe9j0&_p=87798840&cid=282442245.1663755039&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663755038&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://go-afs.com
date: Wed, 21 Sep 2022 10:10:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| b.clarity.ms/collect | 20.75.32.255 | 204 No Content | 0 B |
IP20.75.32.255:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 38617
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 10:10:39 GMT
X-Firefox-Spdy: h2
|
|
| b.clarity.ms/collect | 20.75.32.255 | 204 No Content | 0 B |
IP20.75.32.255:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 916
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 10:10:41 GMT
X-Firefox-Spdy: h2
|
|
| go-afs.com/media/zetbjpgz/gateway_hero.png | 104.19.191.28 | 200 OK | 2.1 MB |
URL HTTP/2go-afs.com/media/zetbjpgz/gateway_hero.png IP104.19.191.28:0
File typePNG image data, 1918 x 957, 8-bit/color RGBA, non-interlaced\012- data Size2.1 MB (2143459 bytes) Hashb6fb8459f4d7e52ff16894f1e8a4d3b3 e6fa78468a326de7b221dc1bb830074e2c4b2e1c b948cf2443d69a25748ffbdf604f599ea0d1897d4a0c4f245ad49678d67fb23a
GET /media/zetbjpgz/gateway_hero.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1; _gcl_au=1.1.1633729557.1663755038; _ga=GA1.1.282442245.1663755039; _gid=GA1.2.628111740.1663755039; _gat_UA-128791235-2=1; _gat_gtag_UA_128791235_2=1; _ga_9QVVWF40FE=GS1.1.1663755038.1.0.1663755038.0.0.0; _clck=n2bf11|1|f52|0; _clsk=119kvys|1663755039470|1|1|b.clarity.ms/collect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:44 GMT
content-type: image/png
content-length: 2143459
cf-ray: 74e203420901b512-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D960D027C21145"
last-modified: Mon, 16 Aug 2021 16:08:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4df06b3e4176e8f080c997bfae578142 0850ed5db509f8a75439eca5866c2bb6ca3195d3 43e8bfd931d778ac5ebf2d4a8c9915cb05394b6499f9a8575cfc8ce93edd7d92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4789
x-amzn-requestid: 36ce3b9d-d2aa-4975-86e5-22875944d707
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiqljEIKoAMFhPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63242489-1a31957361790e766b8355c6;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:23:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uNmY94pnSglVwSsx4oEaFrQqFI0bxeVzH8o8PYApgHQk_CSrkk2R1g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:20:09 GMT
age: 42635
etag: "0850ed5db509f8a75439eca5866c2bb6ca3195d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 | 104.18.47.230 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e20316c933b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js | 104.19.191.28 | 200 OK | 0 B |
URL HTTP/2go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js IP104.19.191.28:0
GET /App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/x-javascript
cf-ray: 74e203196b0ab512-OSL
etag: W/"86755d19bcbd71:0"
last-modified: Wed, 27 Oct 2021 08:17:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,400,700 | 216.58.211.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,400,700 IP216.58.211.10:0
GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 10:10:37 GMT
date: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13 | 104.17.208.37 | 307 Temporary Redirect | 0 B |
URL HTTP/2goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13 IP104.17.208.37:0
GET /front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13 HTTP/1.1
Host: goafs.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Wed, 21 Sep 2022 10:10:36 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13&r_done=1
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e203121e6b0b3d-OSL
X-Firefox-Spdy: h2
|
|
| go-afs.com/DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580 | 104.19.191.28 | 200 OK | 0 B |
URL HTTP/2go-afs.com/DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580 IP104.19.191.28:0
GET /DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580 HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css
cf-ray: 74e203196b06b512-OSL
cache-control: public, must-revalidate, proxy-revalidate, max-age=383535, s-maxage=383535
etag: W/"4bd459398052b0208c952e4051514dbd"
expires: Sun, 25 Sep 2022 20:42:53 GMT
last-modified: Thu, 15 Sep 2022 20:42:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 13065844
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e20319bcf6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Nunito|LibreBaskerville | 216.58.211.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Nunito|LibreBaskerville IP216.58.211.10:0
GET /css?family=Nunito|LibreBaskerville HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 10:10:37 GMT
date: Wed, 21 Sep 2022 10:10:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13 | 104.17.208.37 | 302 Found | 0 B |
URL HTTP/2leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13 IP104.17.208.37:0
GET /?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 21 Sep 2022 10:10:36 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3Da4b733f1-fd5a-4545-b662-14ddd84e5e13
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e2030d787ab506-OSL
X-Firefox-Spdy: h2
|
|
| leads.go-afs.com/cdn-cgi/rum? | 104.17.208.37 | 200 OK | 0 B |
URL HTTP/2leads.go-afs.com/cdn-cgi/rum? IP104.17.208.37:0
POST /cdn-cgi/rum? HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 330
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/?msID=a4b733f1-fd5a-4545-b662-14ddd84e5e13&r_done=1
Cookie: kartra_visited=a4d2fcb8893f27d5c03d3e00e7df4304c88f8de5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: text/plain
access-control-allow-origin: https://leads.go-afs.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 74e203191a5cb506-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 | 104.19.191.28 | 200 OK | 0 B |
URL HTTP/2go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 IP104.19.191.28:0
GET /DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=vk41uezopagwpmxzt5dl4xuk; __RequestVerificationToken=EtT5HtAoGzN9cPIUl7z3SePeoW1xwqcx4Oo1tUwApmZ5iZ6yZggqEyXBtafgqvrZdd9NQzelZwUdEYHccvTgMlh6rp44klgS4JQMlFPdm7E1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:10:37 GMT
content-type: application/x-javascript
cf-ray: 74e203197b23b512-OSL
cache-control: public, must-revalidate, proxy-revalidate, max-age=383535, s-maxage=383535
etag: W/"8184d85837fe845d751fe87b91b6590b"
expires: Sun, 25 Sep 2022 20:42:53 GMT
last-modified: Thu, 15 Sep 2022 20:42:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|