ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9e806d663b55904bcbcfd0575340df28
b204b8b83a639be5fdc96231de3d56da26b176a9
6aa0cc865c653254630efc6bd250ce740fb923ea722ca1e6704f7b71fbf664d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:17 GMT
Last-Modified: Wed, 08 Feb 2023 11:03:01 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6986
Expires: Wed, 08 Feb 2023 14:25:43 GMT
Date: Wed, 08 Feb 2023 12:29:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Wed, 08 Feb 2023 13:13:23 GMT
Date: Wed, 08 Feb 2023 12:29:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10684
Expires: Wed, 08 Feb 2023 15:27:21 GMT
Date: Wed, 08 Feb 2023 12:29:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 11:36:38 GMT
content-type: application/json
age: 3159
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ONmFjEd2jMCgcql6M6avxLhRgNS9hEl8tXI4FSvXGxK3m1yAvd/n+Z15xiICt/rT1QSQLSmgM4o=
x-amz-request-id: RN0GP3JB0X96F35H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 11:45:57 GMT
age: 2600
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 11:51:20 GMT
age: 2277
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19040
Expires: Wed, 08 Feb 2023 17:46:37 GMT
Date: Wed, 08 Feb 2023 12:29:17 GMT
Connection: keep-alive
app.clickfunnels.com/assets/userevents/application.js
104.16.12.194200 OK 2.1 kB URL HTTP/2 app.clickfunnels.com/assets/userevents/application.js
IP 104.16.12.194:0
File type ASCII text, with very long lines (5244), with no line terminators
Hash 42861379d6361b1a0daec957602a1a8f
c69d0a28d18ee58b4fe6179baf8e431ea93f6843
e24717d4a79b1a810aa392c2405386b22aab65d054ba30252471b77db043b3b8
GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: application/x-javascript
cf-ray: 79645ebaf93eb51b-OSL
access-control-allow-origin: *
age: 303
cache-control: public, max-age=1200
etag: W/"63dbd64f-147c"
expires: Wed, 08 Feb 2023 12:49:17 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=FZ.6pjR9JoHFcJSwWN8GxdCCCbPHyOWsOaGXssUB_44-1675859357-0-ATfNiecIkw1e3CFLz8eUvrdaLFM2OqIKrsYwxyxFxL-0P1yv49cszGHQUjYFrkzzrAvk71khr62WKIbVv0ZCg-ML12PwW2mduvvgBRNgi8kk"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FZ.6pjR9JoHFcJSwWN8GxdCCCbPHyOWsOaGXssUB_44-1675859357-0-ATfNiecIkw1e3CFLz8eUvrdaLFM2OqIKrsYwxyxFxL-0P1yv49cszGHQUjYFrkzzrAvk71khr62WKIbVv0ZCg-ML12PwW2mduvvgBRNgi8kk; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15beb7bfb1e8bb9ad6f47c3a7945d341
9b28ae0959c9eb85356cead7d9dadbef4ef638fe
fc168abe9147f855283027ea0e5d90367d45c016fbdf181c06b0969e94c04e8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5853
Cache-Control: max-age=90906
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:18 GMT
Etag: "63e23edb-118"
Expires: Thu, 09 Feb 2023 13:44:24 GMT
Last-Modified: Tue, 07 Feb 2023 12:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
104.16.12.194200 OK 5.3 kB URL HTTP/2 images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP 104.16.12.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:18 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: HOPexmz3lEGNIEx5Uu36mMbcoc0/Fy3/vIHWTFW0Sw5FPlrP0FhLDJXq1XloyMn3CNX2c2CcIOw=
x-amz-request-id: FVQAJS122FVNF251
cf-cache-status: HIT
age: 518
expires: Sat, 04 Mar 2023 12:29:18 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
server: cloudflare
cf-ray: 79645ebbfaecb51b-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15beb7bfb1e8bb9ad6f47c3a7945d341
9b28ae0959c9eb85356cead7d9dadbef4ef638fe
fc168abe9147f855283027ea0e5d90367d45c016fbdf181c06b0969e94c04e8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5853
Cache-Control: max-age=90906
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:18 GMT
Etag: "63e23edb-118"
Expires: Thu, 09 Feb 2023 13:44:24 GMT
Last-Modified: Tue, 07 Feb 2023 12:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
54.202.152.202101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.152.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6QxQBhlkyDFti77/IqaPvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W7tgB2v7n0VbpHwuBY28/Hp1ysE=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6410
Expires: Wed, 08 Feb 2023 14:16:09 GMT
Date: Wed, 08 Feb 2023 12:29:19 GMT
Connection: keep-alive
app.clickfunnels.com/assets/lander.css
104.16.12.194200 OK 72 kB URL HTTP/2 app.clickfunnels.com/assets/lander.css
IP 104.16.12.194:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (53232)
Hash d642a97d57211ef3ce1dcd277887f778
158c26489e3a30f12d0f8f222631b27bbb6ed5f7
c30f07373e71672a1e9850159221b1f096ae15d729bbe1f2a47b68b33244b4df
GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: text/css
cf-ray: 79645ebaf943b51b-OSL
access-control-allow-origin: *
age: 303
cache-control: public, max-age=1200
etag: W/"63dbd64f-6a514"
expires: Wed, 08 Feb 2023 12:49:17 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6410
Expires: Wed, 08 Feb 2023 14:16:09 GMT
Date: Wed, 08 Feb 2023 12:29:19 GMT
Connection: keep-alive
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 6.7 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
Hash 40a8d9a163fc078a01376eedff7ab4e0
a0ec1bc88151e7cfc00ed87b4e3c89d107a50b51
723ba2019fa2655d9ede226401f17c0ff2fb9dc242ecd888dc259c0234031f93
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://raulalvez033.clickfunnels.com
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:18 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 79645ebb88e10b45-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:56 GMT
age: 52523
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 51430
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:30:12 GMT
age: 25147
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15200 OK 26 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (55782)
Hash f0ab9965ebe2274019f4b396a11a1896
fbc31433c3cd249bf839b69f0f3b68c69208480f
a85f1cd4c1c3364b9af416c8b6d75df15aa8604b8e293a61b6d87836b1cfa4f3
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:18 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1034247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pB%2B1YBvAKPsIkz2Pdh23eX6V8zjq1qJthHLp0So1kNDS2PEs%2FAO1rpFustBDWk%2BAr%2B4uCnJu0RrSaGdUmq9L7o5RbeVFmw0j4uplQZoTshfjkyo%2BeMHogd8MxMBu8DsH5Kt9vj1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79645ebbcec1405e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:09:02 GMT
age: 30017
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 51794
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 93e838f57d07e1ce6bb69cfd16bcd4be
90b119db54c5f0f2a3a8c00e5a43e0fd20dec0a2
d192f20c191fb4581c58645170bc92908014344b5ed59e2a52b9985d0cfb965b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4915
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:20 GMT
Last-Modified: Wed, 08 Feb 2023 11:07:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 727
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/22022369.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/22022369.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /file/IT-M/MoneyIT/Mooney_files/22022369.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
content-length: 0
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "63e39359-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.mooney.it/online/fonts/gotham/Gotham-Bold_Web.woff2
2.22.31.192200 OK 39 kB URL HTTP/2 www.mooney.it/online/fonts/gotham/Gotham-Bold_Web.woff2
IP 2.22.31.192:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726\012- data
Hash 003e90cf8cb3f8b4bef30d6764da18ed
512e44f40b54d0e5e081dda9fd5ea8a4429a508c
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
GET /online/fonts/gotham/Gotham-Bold_Web.woff2 HTTP/1.1
Host: www.mooney.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: https:; img-src * data:
accept-ranges: bytes
last-modified: Wed, 21 Dec 2022 18:56:12 GMT
etag: W/"9960-185360b0ce0"
content-type: font/woff2
content-length: 39264
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 12:29:20 GMT
date: Wed, 08 Feb 2023 12:29:20 GMT
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del, Access-Control-Expose-Headers
access-control-allow-headers: origin,range,hdntl,hdnts,accept,authorization,content-type,x-requested-with,X-EB-Username,X-EB-Password,X-EB-Auth-Token,X-EB-Accept-Language,X-EB-MarketId,X-EB-PlatformId,X-EB-SecurityId,X-EB-Resultcount
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.mooney.it/online/fonts/gotham/Gotham-Medium_Web.woff2
2.22.31.192200 OK 42 kB URL HTTP/2 www.mooney.it/online/fonts/gotham/Gotham-Medium_Web.woff2
IP 2.22.31.192:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 41488, version 3.19726\012- data
Hash 68ce85d44fef05344ea74f94f3e6b472
3a380914e04ef35820bbe619e1f902d4b250a997
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
GET /online/fonts/gotham/Gotham-Medium_Web.woff2 HTTP/1.1
Host: www.mooney.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: https:; img-src * data:
accept-ranges: bytes
last-modified: Wed, 21 Dec 2022 18:56:12 GMT
etag: W/"a210-185360b0ce0"
content-type: font/woff2
content-length: 41488
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 12:29:20 GMT
date: Wed, 08 Feb 2023 12:29:20 GMT
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del, Access-Control-Expose-Headers
access-control-allow-headers: origin,range,hdntl,hdnts,accept,authorization,content-type,x-requested-with,X-EB-Username,X-EB-Password,X-EB-Auth-Token,X-EB-Accept-Language,X-EB-MarketId,X-EB-PlatformId,X-EB-SecurityId,X-EB-Resultcount
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.mooney.it/online/fonts/gotham/Gotham-Book_Web.woff2
2.22.31.192200 OK 42 kB URL HTTP/2 www.mooney.it/online/fonts/gotham/Gotham-Book_Web.woff2
IP 2.22.31.192:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726\012- data
Hash d838b98f75e3cb9574f9b8b796eb1e8f
fcdf131af872ce9ecda9a437cdf67d23c5940d97
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
GET /online/fonts/gotham/Gotham-Book_Web.woff2 HTTP/1.1
Host: www.mooney.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: https:; img-src * data:
accept-ranges: bytes
last-modified: Wed, 21 Dec 2022 18:56:12 GMT
etag: W/"a300-185360b0ce0"
content-type: font/woff2
content-length: 41728
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
cache-control: public, max-age=604800
expires: Wed, 15 Feb 2023 12:29:21 GMT
date: Wed, 08 Feb 2023 12:29:21 GMT
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del, Access-Control-Expose-Headers
access-control-allow-headers: origin,range,hdntl,hdnts,accept,authorization,content-type,x-requested-with,X-EB-Username,X-EB-Password,X-EB-Auth-Token,X-EB-Accept-Language,X-EB-MarketId,X-EB-PlatformId,X-EB-SecurityId,X-EB-Resultcount
access-control-allow-origin: *
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/0
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/0
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /file/IT-M/MoneyIT/Mooney_files/0 HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 0
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "0-5f42f471c9c58"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 8
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/css
34.82.246.63200 OK 4.8 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/css
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 934bab83ecf5309a4c4dd1ba1390328b
4de47d4c10e5f0895f83308f6fcba9b4c9af97cc
a94888a3eab750209c5a16a6df32c27f51e9edb07cf352c4704b35572f4a32be
GET /file/IT-M/MoneyIT/Mooney_files/css HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 4836
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "12e4-5f42f471ccb39"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/pv(1)
34.82.246.63200 OK 53 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/pv(1)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash fa3255cab9c21c83e53f240f988a892a
e5aa877224dc3c40840141725930faed116e05d9
388bad7ba2d44d3ce7b4decb68efd6d83bddfead2230f15637d170b23175454c
GET /file/IT-M/MoneyIT/Mooney_files/pv(1) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 53
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "35-5f42f471d195b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/pv
34.82.246.63200 OK 53 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/pv
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash fa3255cab9c21c83e53f240f988a892a
e5aa877224dc3c40840141725930faed116e05d9
388bad7ba2d44d3ce7b4decb68efd6d83bddfead2230f15637d170b23175454c
GET /file/IT-M/MoneyIT/Mooney_files/pv HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 53
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "35-5f42f471d195b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/1417025048457107
34.82.246.63200 OK 25 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/1417025048457107
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (6688)
Hash 930797172553c1d7fe54cb8cd2f756f7
54219cd80b35cf5b9410c97e8d5786dc1ec8c222
0f3d942b36dfe8b18f3cbb6c2d10643e1ee175455091b9587e5fefdb7cd0e2f9
GET /file/IT-M/MoneyIT/Mooney_files/1417025048457107 HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 25197
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "626d-5f42f471cabf9"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
www.mooney.it/online/static/js/runtime-main.d019c9f0.js
2.22.31.192404 Not Found 18 kB URL HTTP/2 www.mooney.it/online/static/js/runtime-main.d019c9f0.js
IP 2.22.31.192:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (2286)
Hash 210ec1793f9b8515b5c493d6c5657a39
e6bbde53f8eb9d1c348a6b3d30b64635f9d64d82
e6cb88d2e708ffd731ffc5756b5ce7568fe6491ea860f82bf27482afeebf0004
GET /online/static/js/runtime-main.d019c9f0.js HTTP/1.1
Host: www.mooney.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: https:; img-src * data:
accept-ranges: bytes
last-modified: Wed, 21 Dec 2022 18:56:12 GMT
etag: W/"47e8-185360b0ce0"
content-type: text/html; charset=UTF-8
content-length: 18408
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
cache-control: public, max-age=86400
expires: Thu, 09 Feb 2023 12:29:21 GMT
date: Wed, 08 Feb 2023 12:29:21 GMT
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del, Access-Control-Expose-Headers
access-control-allow-headers: origin,range,hdntl,hdnts,accept,authorization,content-type,x-requested-with,X-EB-Username,X-EB-Password,X-EB-Auth-Token,X-EB-Accept-Language,X-EB-MarketId,X-EB-PlatformId,X-EB-SecurityId,X-EB-Resultcount
access-control-allow-origin: *
set-cookie: ak_bmsc=4C60F3D7B82558809B5F836E69AC8E2E~000000000000000000000000000000~YAAQvB8WAnWBFSeGAQAAtX0AMRKnJtlYx+KT950HVSqU3s5fDVTSfe1kDXAGc7GDQ0jftub5qkD2zHGuVO1B3Q1M8vIVTEQlVV/4DyHj8fYD3Te977XyhsRlUXHP1GHVcupncIvG/svvg/F13dAYyRfk78gA/ebNr6/UR4ltJdCrYq0amGIlZQbRW8cyPmfKWj7XUYi4xW6zi9k9c6ihqFGbDUKs120C44ufwfPNEiwzrYuVJEs+akbSbry51yQFNe+w6KhF0HKYwmJ8mrWX7sagvsMYpQ+7diPxaVsL82bShbPEOodyoAq/tXqz/SKvjZsdxMsGoZduJ8GPr5cRlOZZeXZmIuOT8+5DXYzPxzsjhAX8YpEuJdJmLSb7H6RY0P7JWtncxVQ=; Domain=.mooney.it; Path=/; Expires=Wed, 08 Feb 2023 14:29:20 GMT; Max-Age=7199; HttpOnly
X-Firefox-Spdy: h2
www.mooney.it/online/static/js/cartamooney.37da054d.chunk.js
2.22.31.192200 OK 9.2 kB URL HTTP/2 www.mooney.it/online/static/js/cartamooney.37da054d.chunk.js
IP 2.22.31.192:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (46361)
Hash 3d92b74d06444ec3494504c6d388e5f6
56a63774424aed2d90c79264c39c82bbc5b8a537
fb5de9343c97effec702a4d981f99b28574aa635b653d09438188e32425a3936
GET /online/static/js/cartamooney.37da054d.chunk.js HTTP/1.1
Host: www.mooney.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' blob: https:; img-src * data:
accept-ranges: bytes
last-modified: Wed, 21 Dec 2022 18:57:04 GMT
etag: W/"b56d-185360bd800-gzip"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
content-length: 9236
cache-control: public, max-age=86400
expires: Thu, 09 Feb 2023 12:29:21 GMT
date: Wed, 08 Feb 2023 12:29:21 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del, Access-Control-Expose-Headers
access-control-allow-headers: origin,range,hdntl,hdnts,accept,authorization,content-type,x-requested-with,X-EB-Username,X-EB-Password,X-EB-Auth-Token,X-EB-Accept-Language,X-EB-MarketId,X-EB-PlatformId,X-EB-SecurityId,X-EB-Resultcount
access-control-allow-origin: *
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js
34.82.246.63200 OK 113 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1921)
Size 113 kB (113167 bytes)
Hash aa5e4ae2abe3b20531268de8e3e0f294
cfd39797f0c7549f7bd362010fea699b4d5454a3
2ca5b9f3af577cf6a78a82a89a854b4f2bacb90965e9ba0ec41422cd029af329
GET /file/IT-M/MoneyIT/Mooney_files/js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 113167
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "1ba0f-5f42f471cdada"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/fbevents.js
34.82.246.63200 OK 27 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/fbevents.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (64348)
Hash 6e2149811ce7e9996bcb41ef87346111
0340ec2a35e45ee23b9d289a17c04ecc42c8a7e9
75c1e8da9fb24240332d03c5e39ae02907650ee8153116c72f824b19bf9d50f6
GET /file/IT-M/MoneyIT/Mooney_files/fbevents.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-19b33"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(4)
34.82.246.63200 OK 115 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(4)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1921)
Size 115 kB (114678 bytes)
Hash 98b572874caec58e8d18886f16b1a391
6b89f0dcf63137ccc2a857652329d56fe921382b
2b048c6a79dbd0d7bcae63ff8b2b3205760020c4574ac0689054950a1553c55a
GET /file/IT-M/MoneyIT/Mooney_files/js(4) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 114678
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "1bff6-5f42f471cea7a"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(1)
34.82.246.63200 OK 113 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(1)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1921)
Size 113 kB (113167 bytes)
Hash f7f5c1a2dd5353c47d7189ea7fef1bab
dcf6996c9376294c5820fe6e082858c5cacfb325
8fe563706b0adfc5657a9bcf50db1ee1f0bdc6cb3645b22b3d83cbe199dcbea5
GET /file/IT-M/MoneyIT/Mooney_files/js(1) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 113167
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "1ba0f-5f42f471cdada"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(3)
34.82.246.63200 OK 221 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(3)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (22462)
Size 221 kB (220701 bytes)
Hash fa8f9dbdb7ae57d6451647c26bba82f8
3ced78eaa6c00f932e693fd00b599ac7c1457893
ba07c217ebe1d8f0adea126096477cef735bdb8c21b7a8d77ef3c26dc7a82f99
GET /file/IT-M/MoneyIT/Mooney_files/js(3) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 220701
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "35e1d-5f42f471cea7a"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(2)
34.82.246.63200 OK 138 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/js(2)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1921)
Size 138 kB (137967 bytes)
Hash 708a015bafbb68cd5c6d9c5fb5eb0b37
8da805bde36e134f59c3d3a01c21ef125eeccb3f
98cb40295431ca2efe2d6cf1f6f670be66ec6267b25e045c96920935d497b43d
GET /file/IT-M/MoneyIT/Mooney_files/js(2) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 137967
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "21aef-5f42f471cdada"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/sisalpay/sisalpay/prod/utag.js
23.38.200.249200 OK 19 kB URL HTTP/2 tags.tiqcdn.com/utag/sisalpay/sisalpay/prod/utag.js
IP 23.38.200.249:0
File type HTML document, ASCII text, with very long lines (13885)
Hash 2c6db5898a7458c3ffeccb8b9325393c
1357b1966b613166f379cc4f5bd4c89b1b64d3a0
c060f821574597d840ea12adebc1e91b5c3193e14495110cd1ca3daefa2a1960
GET /utag/sisalpay/sisalpay/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "1691084533429c8dc9563c9ffee619d8:1659617139.307789"
last-modified: Thu, 04 Aug 2022 12:45:39 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Wed, 08 Feb 2023 12:34:21 GMT
date: Wed, 08 Feb 2023 12:29:21 GMT
content-length: 19132
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/
34.82.246.63200 OK 94 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (64407)
Hash a7b83f724185d6cbaa0fed926dfc645a
27a71d356faabf031a8c5dcd07f9c6ae026c2a13
1ef36727f15348ce8cea3dd84b2f2adf77b73f3a2dbe6ef31c1cb3e7142ac2cb
GET /file/IT-M/MoneyIT/ HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"101aa3-5f42f471c9c58-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/online/fonts/gotham/Gotham-Medium_Web.woff2
34.82.246.63404 Not Found 146 B URL HTTP/2 advance3.wpengine.com/online/fonts/gotham/Gotham-Medium_Web.woff2
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /online/fonts/gotham/Gotham-Medium_Web.woff2 HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/main.37caeda3.chunk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 08 Feb 2023 12:29:21 GMT
content-type: text/html
content-length: 146
vary: Accept-Encoding
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.sync.js
34.82.246.63200 OK 236 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.sync.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 94d513189e7835fc7f4922f96d76b630
2bb68ada963300548a0207e705c253c726a944bb
c658c375be8fa7c6254774155f20d11b3140ceec0615f31a2f178a95e4845ea4
GET /file/IT-M/MoneyIT/Mooney_files/utag.sync.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-6d"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(7)
34.82.246.63200 OK 5.3 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(7)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash d5de004519ff24373c9810c67e0dc7ba
23201c983294aea33994a182618f883868352dd2
413e599a31869170274b3d231cc87b49decd63007715da64c8497bd79f1b595a
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(7) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 5259
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "148b-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(9)
34.82.246.63200 OK 2.1 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(9)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash d6de2380e86b4c865086387e5523b077
886312eb864ecbf9ed522f2d231c958fe1adf675
4f15966848ac686df1c2c3667d5223660c271a8593b03ca66eedf6b9a6e0e549
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(9) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 2141
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "85d-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/chat-icon.png
34.82.246.63200 OK 6.6 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/chat-icon.png
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 63 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 5047a8b5bdb8060de0a60a10082e3803
f59c7f7285622494c1370da388d8a926c347d2be
62356ea43b86bb41d87f20103ba888cd1e3a48c6f0f707c7842b96213059e481
GET /file/IT-M/MoneyIT/Mooney_files/chat-icon.png HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: image/png
content-length: 6635
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "63e39359-19eb"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(3)
34.82.246.63200 OK 12 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(3)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 26df8c83606d944c3e2c2960a3be6b2d
7c84c6a77a1c05abbeda3f403cbd0d3c04d050e2
5a29d0274f1665901d9bd2b938988fb6adbe4d0372aac8d69d97a7559f4633ba
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(3) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 12083
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2f33-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon
34.82.246.63200 OK 989 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash f2daecd522fa676b9cdf94423d4510f7
d0316161ec98149be73217c39ef770281359a9b3
8cb099a08cbdaf0b1a9b3e6eaf30a0afd7616eaf5265897e492a7249852559e6
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 989
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "3dd-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(1)
34.82.246.63200 OK 4.3 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(1)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 078145a923c14a5124997a097134f399
ceafcc8e15519d60b87cb6006d32db9e95622441
2da5afa47d89a04c3cda9a29a4d50442addc3f188de3c9638a136137dea1a42d
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(1) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 4272
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "10b0-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(4)
34.82.246.63200 OK 11 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(4)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 56d6509f3b2eabe6cb28f880d382ab45
cc8db64b72964df4544e6f2266449de62e833774
02bc9799bfc22337afe080e601e4f46fc0f0aee0877117fb3dba9f9bb3f3a13d
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(4) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 10928
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2ab0-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(6)
34.82.246.63200 OK 1.3 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(6)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash f2064bddc2a52d9ef6879aa61b7ae69e
eeb5b5d7ff3f07d9ea262de195c565b8a833a7e9
f790ec45b9961ba7bfe6dcd2a65f26ad1f4939ffbb3735e72b2ffbab41054c86
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(6) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 1254
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "4e6-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(5)
34.82.246.63200 OK 18 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(5)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash be5e8af9b5bf0f18edcfb0af5c713b5f
dc34a37f60d023abea1beb9ec61a5fca21dec0a4
af1b6c71f0440d1e360a8f8e7173ed4a64daaff1c73cd201ef434caeb74574f7
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(5) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 17958
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "4626-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(8)
34.82.246.63200 OK 9.0 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(8)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 220df1e784ce2fe459b782d25b3aae10
56ccc5bb9cddb2592b5ac745a8204e00c49648cb
e46bf6d04ba4ffdf62b95541e5a50fea3ef7f43a4d279ff802c56fa6a5f203df
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(8) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 8970
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "230a-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(10)
34.82.246.63200 OK 8.6 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(10)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c99fabefe588216cb5e6fc2792ef54a0
05bcb71581fb117418eedbf24861faf73b0a7989
7cbccb4843919919c4f455a7ecaf8ed85801cc296ad63c0bede508a09d2acdaa
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(10) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 8580
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2184-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(11)
34.82.246.63200 OK 11 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(11)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 56d6509f3b2eabe6cb28f880d382ab45
cc8db64b72964df4544e6f2266449de62e833774
02bc9799bfc22337afe080e601e4f46fc0f0aee0877117fb3dba9f9bb3f3a13d
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(11) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 10928
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2ab0-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(12)
34.82.246.63200 OK 1.5 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(12)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eca45cdc1c30cc8f442816675388439
5f5f1b37d07699e40aee0dbc4ad7db466856f7ed
9d54b5222dd396afc5041cde876be1066a7c4c91fd9ed95dbb558e94f87baa36
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(12) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 1529
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "5f9-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(13)
34.82.246.63200 OK 6.8 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(13)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 34f1e190f40476496ced00ebbc4340b1
c0684a4a859bf475e5dbc8931d8c2945dc40571f
60dc07e6053552bab7e336d7cde21edb7af58670f6922e2765d9dcbb17676656
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(13) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 6778
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "1a7a-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(14)
34.82.246.63200 OK 3.6 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(14)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 1744af772809b414f92178db05caddc3
891d683bb3f8c9d8430f01174c8b9d7ab90a1af2
07ead13ba3731acbfc2733f9f06da5d7a670b6fd88756537571d3e2ddab988de
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(14) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 3586
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "e02-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(16)
34.82.246.63200 OK 10 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(16)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f33362e25533efb914080e066aad99e
b7e3d5694bb248f570bdf3f75d3ac5758587363e
4962c9f09aa7d726b5642311fb8b05cfd23a6a30725186df29f0e174854170c6
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(16) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 10094
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "276e-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(15)
34.82.246.63200 OK 7.0 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(15)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b06d43a04f700b4b6135e5dd405ef2b
d1460f545882cb453f7644ea28c1f83ac0b3b385
fe4e2ce80c73cde63e6136b90a2488cc410059535c54aeee24785c83cad354db
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(15) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 7017
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "1b69-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(17)
34.82.246.63200 OK 4.3 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(17)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 078145a923c14a5124997a097134f399
ceafcc8e15519d60b87cb6006d32db9e95622441
2da5afa47d89a04c3cda9a29a4d50442addc3f188de3c9638a136137dea1a42d
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(17) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 4272
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "10b0-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(18)
34.82.246.63200 OK 14 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(18)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 77655c1470859a096dbc75947f49d6dd
3cbcf4b72caa46cdd321c1aa1b567480df382471
c116ea52e8d9c5bb2f50b9231f27614d0630530e4b417510a4eaf4aeee4087d6
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(18) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 13678
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "356e-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(19)
34.82.246.63200 OK 7.6 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(19)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash a7250c04f936b22d83c58b72c0dff698
2d6494acba28511b708d6cbaeb3e2da09efdf2d1
6dab7b944fa748cb82f899eba2b59775b41482f5f6846f5f53f40ff0c5c5bf83
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(19) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 7584
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "1da0-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash bc714cc4fe20deaec74843394925f5c0
d5de18939cd1b870756463d1d7ab38d764d5f8dc
ed32731e561f0c8c92fe34e2b078c27df7ecdc893821a7a50465ba10f3eca853
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155035
Date: Wed, 08 Feb 2023 12:29:22 GMT
Etag: "63e3403e-1d7"
Expires: Fri, 10 Feb 2023 07:33:17 GMT
Last-Modified: Wed, 08 Feb 2023 06:25:02 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ITb5mjRoepaNRuSi5v4YwHlcF7Uf6neNrJzZPZ_3DFJ2K_ki9QNNRw==
Age: 4095
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash bc714cc4fe20deaec74843394925f5c0
d5de18939cd1b870756463d1d7ab38d764d5f8dc
ed32731e561f0c8c92fe34e2b078c27df7ecdc893821a7a50465ba10f3eca853
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 12:29:22 GMT
Last-Modified: Wed, 08 Feb 2023 11:01:07 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YonsJ-duqfw_Ssjy-F9rrrOeSoeybt4wVtnAMfi5o6RnVW-s1bsxtg==
Age: 5295
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash bc714cc4fe20deaec74843394925f5c0
d5de18939cd1b870756463d1d7ab38d764d5f8dc
ed32731e561f0c8c92fe34e2b078c27df7ecdc893821a7a50465ba10f3eca853
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154045
Date: Wed, 08 Feb 2023 12:29:22 GMT
Etag: "63e3403e-1d7"
Expires: Fri, 10 Feb 2023 07:16:47 GMT
Last-Modified: Wed, 08 Feb 2023 06:25:02 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bf9sxUAamauVpOCriCV8oeJC_6hmYHK6qafUvnorwaBQnVtZ1AUEkA==
Age: 3105
mooney-avacy-storage-vapor.s3.eu-south-1.amazonaws.com/bc9edf73-5676-4b92-afcf-3470be24fa3f.json
52.95.153.30200 OK 11 kB URL HTTP/1.1 mooney-avacy-storage-vapor.s3.eu-south-1.amazonaws.com/bc9edf73-5676-4b92-afcf-3470be24fa3f.json
IP 52.95.153.30:0
File type JSON data\012- HTML document, ASCII text, with very long lines (747)
Hash 1fce87c405ae542aa3da19346aaa2be8
b019fafea6a14983dcf2dfcf6b74ee98301b2f79
8796e86c5f7673979ef213c0df283cd17f5f9d5b86565b1236366b7dc4ecbe00
GET /bc9edf73-5676-4b92-afcf-3470be24fa3f.json HTTP/1.1
Host: mooney-avacy-storage-vapor.s3.eu-south-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advance3.wpengine.com/
Origin: https://advance3.wpengine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4DMtRSoTgiD5rwlnzVKYCbuOnQOjeyvaMSLGAhQdX8oUqgI9hqucwl4TAYnslczju+bUzD/A4/0=
x-amz-request-id: XQXW6BT5TC33ZG48
Date: Wed, 08 Feb 2023 12:29:23 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, PUT, POST
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Fri, 27 Jan 2023 15:24:59 GMT
ETag: "1fce87c405ae542aa3da19346aaa2be8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 10673
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaMfIcAAAAAIlRBtF27zhGV1ETLRrsE-jfWUoA&co=aHR0cHM6Ly9hZHZhbmNlMy53cGVuZ2luZS5jb206NDQz&hl=fr&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=dkjvegr2jmc
216.58.207.228200 OK 1.1 kB URL HTTP/2 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcaMfIcAAAAAIlRBtF27zhGV1ETLRrsE-jfWUoA&co=aHR0cHM6Ly9hZHZhbmNlMy53cGVuZ2luZS5jb206NDQz&hl=fr&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=dkjvegr2jmc
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (309)
Hash 93adff9bad4d17a2e748f6c4ef13af65
ab0c3e49fb0ad91600da1e640dfde875ee253e5a
47373de66ec81cc829c93c5d608440130e20d0fd75bfacaaed5f1b4c671356ca
GET /recaptcha/api2/anchor?ar=1&k=6LcaMfIcAAAAAIlRBtF27zhGV1ETLRrsE-jfWUoA&co=aHR0cHM6Ly9hZHZhbmNlMy53cGVuZ2luZS5jb206NDQz&hl=fr&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=dkjvegr2jmc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'nonce-bv1Ggvv8K2o_tNwiU0uUwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Wed, 08 Feb 2023 12:29:22 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1051
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/0
34.82.246.63304 Not Modified 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/0
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /file/IT-M/MoneyIT/Mooney_files/0 HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "0-5f42f471c9c58"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "0-5f42f471c9c58"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 9
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(3).html
34.82.246.63200 OK 1.1 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(3).html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (464)
Hash ee4275239c56345373714841e00298a5
d7ec11893b545c8c4487a66344f2bfd1c8ab11e8
497e3d4a23c7c3702efb84cf3268a9b08e933239c0e50abe03676cd921d6c0b5
GET /file/IT-M/MoneyIT/Mooney_files/activityi(3).html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"54a-5f42f471cbb99-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource
34.82.246.63304 Not Modified 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /file/IT-M/MoneyIT/Mooney_files/saved_resource HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "788-5f42f471d28fc"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "788-5f42f471d28fc"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 11
x-cache-group: normal
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/anchor.html
34.82.246.63200 OK 47 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/anchor.html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34773)
Hash 01bf7456f122dd7d7fdd946b42f2c02c
ed08c6ea7f4ccc3b0720a0bdb1624e4813c0f929
686c4c61c3e6b7b7fe87eb9d220017ecc4864865908c48e28b1a706c1f7c28b3
GET /file/IT-M/MoneyIT/Mooney_files/anchor.html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"ad5c-5f42f471cbb99-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/359.html
34.82.246.63200 OK 1.7 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/359.html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (518)
Hash 8f92ae8a19cda5cbaac1230e8a25cdb1
edbe6393888cfbeeeba5abb8ef6d6c4b3aec06f8
44642ec5da1f2364021a0a00c76457e8827c1a1d91b60c6ce22af56b63d77c2f
GET /file/IT-M/MoneyIT/Mooney_files/359.html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"7b3-5f42f471cabf9-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
216.58.211.3200 OK 166 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (727)
Size 166 kB (166370 bytes)
Hash 9caf6d7051f77cc890ab0b225ec0bb23
d351e293122a1dfd613ffd3fb1f5853dcace908b
62fc62f58458ded92a494bd4a420bee3bbd2c26611c6204c1d074d39ab39c490
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 08:56:51 GMT
expires: Mon, 05 Feb 2024 08:56:51 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 271951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 44e62f241d69a3189e7706c96d828f68
ee5bb61c29d267c7ec65303ff5b6babe75660066
5b1126ec8a926f69398ece4b7acd3ff7d0eb37769f30d4806253a4acf4a8fb4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 44e62f241d69a3189e7706c96d828f68
ee5bb61c29d267c7ec65303ff5b6babe75660066
5b1126ec8a926f69398ece4b7acd3ff7d0eb37769f30d4806253a4acf4a8fb4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js.t%C3%A9l%C3%A9chargement
34.82.246.63301 Moved Permanently 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js.t%C3%A9l%C3%A9chargement
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/anchor.html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js.t%C3%A9l%C3%A9chargement/
x-redirect-by: WordPress
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 5
x-cache-group: normal
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 44e62f241d69a3189e7706c96d828f68
ee5bb61c29d267c7ec65303ff5b6babe75660066
5b1126ec8a926f69398ece4b7acd3ff7d0eb37769f30d4806253a4acf4a8fb4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(2).html
34.82.246.63200 OK 520 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(2).html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (468)
Hash 2de14ff004eaaf48cd9700982afc1b1b
21015d77958d2deecd3a587431764e78eca1c2b7
7c039bba8a8e14d2ed54e05860a3482e6b22fe0c35a32a2d894e53d62d56e4d2
GET /file/IT-M/MoneyIT/Mooney_files/activityi(2).html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"30a-5f42f471cbb99-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 44e62f241d69a3189e7706c96d828f68
ee5bb61c29d267c7ec65303ff5b6babe75660066
5b1126ec8a926f69398ece4b7acd3ff7d0eb37769f30d4806253a4acf4a8fb4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource(1).html
34.82.246.63200 OK 134 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource(1).html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b3c2c315a72fe90eae3139df26f5b8c7
fcdfe165bd43dad000a627a155eeed2f1028fae1
8a1631f758caf0971a0b345314e7e468513e10eaa9934a25eb1109670abe728c
GET /file/IT-M/MoneyIT/Mooney_files/saved_resource(1).html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding, Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
etag: W/"95-5f42f471d28fc-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
www.google.co.uk/pagead/1p-user-list/981295693/?random=1671480468840&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3042363553&rmt_tld=1&ipr=y
142.250.74.99200 OK 42 B URL HTTP/2 www.google.co.uk/pagead/1p-user-list/981295693/?random=1671480468840&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3042363553&rmt_tld=1&ipr=y
IP 142.250.74.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981295693/?random=1671480468840&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3042363553&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/dc_pre=CKD26Pq9hvwCFSbDOwIdgDgMjw
34.82.246.63200 OK 42 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/dc_pre=CKD26Pq9hvwCFSbDOwIdgDgMjw
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /file/IT-M/MoneyIT/Mooney_files/dc_pre=CKD26Pq9hvwCFSbDOwIdgDgMjw HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(3).html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-length: 42
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2a-5f42f471ccb39"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 5
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(5).html
34.82.246.63200 OK 693 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(5).html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (464)
Hash ab41b449be6dd26956678181a6b744e5
bd8cb98ebc4a8d3d051073567d35a38151f6dbfc
f7c9c6f00aa53aa1149666603fe44d1ee20e6383db126514e66d239762aa3f66
GET /file/IT-M/MoneyIT/Mooney_files/activityi(5).html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"54d-5f42f471cbb99-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/src=9923532(1)
34.82.246.63200 OK 42 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/src=9923532(1)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /file/IT-M/MoneyIT/Mooney_files/src=9923532(1) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(5).html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-length: 42
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2a-5f42f471d28fc"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 5
x-cache-group: normal
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.co.uk/pagead/1p-user-list/981295693/?random=1671480464225&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2750033986&rmt_tld=1&ipr=y
142.250.74.99200 OK 42 B URL HTTP/2 www.google.co.uk/pagead/1p-user-list/981295693/?random=1671480464225&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2750033986&rmt_tld=1&ipr=y
IP 142.250.74.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981295693/?random=1671480464225&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2750033986&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/dc_pre=COjytvy9hvwCFXnIOwIdwKkLoA
34.82.246.63200 OK 42 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/dc_pre=COjytvy9hvwCFXnIOwIdwKkLoA
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /file/IT-M/MoneyIT/Mooney_files/dc_pre=COjytvy9hvwCFXnIOwIdwKkLoA HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(5).html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-length: 42
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2a-5f42f471ccb39"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 5
x-cache-group: normal
X-Firefox-Spdy: h2
9965807.fls.doubleclick.net/activityi;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606?
142.250.74.70200 OK 270 B URL HTTP/2 9965807.fls.doubleclick.net/activityi;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (527), with no line terminators
Hash 63f60d5a52aa1962ce50da7e2a63bed6
c30e57e849fbc1f19b0808f5e961c493daf79cdf
adf62b1e36d80f191fff3ae3b2b18e6525da84256bf16d375f272d620f3f0434
GET /activityi;src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606? HTTP/1.1
Host: 9965807.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 12:44:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.co.uk/pagead/1p-user-list/981295693/?random=1671480468949&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=689029227&rmt_tld=1&ipr=y
142.250.74.99200 OK 42 B URL HTTP/2 www.google.co.uk/pagead/1p-user-list/981295693/?random=1671480468949&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=689029227&rmt_tld=1&ipr=y
IP 142.250.74.99:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981295693/?random=1671480468949&cv=11&fst=1671480000000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1536&u_h=864&frm=0&url=https%3A%2F%2Fwww.mooney.it%2Fcarta-prepagata&tiba=Carta%20prepagata%20Mooney%20%E2%80%93%20La%20carta%20per%20le%20tue%20operazioni%20quotidiane&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=689029227&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/activity/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629?
142.250.74.70302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629?
IP 142.250.74.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 12:44:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
9965807.fls.doubleclick.net/activityi;src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227?
142.250.74.70200 OK 269 B URL HTTP/2 9965807.fls.doubleclick.net/activityi;src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (526), with no line terminators
Hash 04909e904513370d9c6a2af3769bd0db
08dd243a035b2595c937d77607e066a8c6d58dbe
fddbaaeeb897c4eab398e80c242925d18ebc0280d61acb4e67514f50ba66923d
GET /activityi;src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227? HTTP/1.1
Host: 9965807.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 269
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 12:44:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/activity/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375?
142.250.74.70302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375?
IP 142.250.74.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 12:44:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91b85e7e299ce2ed5cba5d3d6aac641e
aa1f3aa9a2512f5fe1b6c127c1730977c64f7c4e
8c06f9ef5176a9b360a02bf8a6bbff32caa284adbbf146766843759f811e7222
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606;~oref=https://advance3.wpengine.com/
216.58.211.2200 OK 274 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606;~oref=https://advance3.wpengine.com/
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (526), with no line terminators
Hash 78dbada996aa5447a0e0dd48c95fc2f6
4f23232bcf4da962f5ee2eb13f929dc7706b85b8
ffbc5a3016f30e751e850575ed7da59a234810946aa113eacd57262964a73f11
GET /ddm/fls/i/src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9965807.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 484879
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/
216.58.211.2302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advance3.wpengine.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227;~oref=https://advance3.wpengine.com/
216.58.211.2200 OK 273 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227;~oref=https://advance3.wpengine.com/
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (525), with no line terminators
Hash 02266ffb3fe7851c7bf9e3696a417b87
82733e0ee3fa1e17a02814116e66a102ae05e664
b75c831c79399cd3640bee917b77b7bcc91ead0821ec0270dcbb22f850282adc
GET /ddm/fls/i/src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9965807.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/
216.58.211.2302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advance3.wpengine.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.outbrain.com/log?apiObjVersion=undefined&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%20undefined%2C%20%22marketerID%22%3A%20undefined%2C%20%22referrer%22%3A%20https%3A%2F%2Fraulalvez033.clickfunnels.com%2F%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%221%22%2C%22script%22%3A%22https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%22%2C%22stack%22%3A%22368%2Ft.runQ%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A2168%0A341%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A3222%0Ar%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16525%0A%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16565%0A%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16572%0A%22%2C%22message%22%3A%22can%27t%20access%20property%20%22length%22%2C%20o.apiObj.queue%20is%20undefined%22%7D%7D
70.42.32.95200 OK 53 B URL HTTP/1.1 tr.outbrain.com/log?apiObjVersion=undefined&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%20undefined%2C%20%22marketerID%22%3A%20undefined%2C%20%22referrer%22%3A%20https%3A%2F%2Fraulalvez033.clickfunnels.com%2F%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%221%22%2C%22script%22%3A%22https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%22%2C%22stack%22%3A%22368%2Ft.runQ%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A2168%0A341%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A3222%0Ar%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16525%0A%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16565%0A%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16572%0A%22%2C%22message%22%3A%22can%27t%20access%20property%20%22length%22%2C%20o.apiObj.queue%20is%20undefined%22%7D%7D
IP 70.42.32.95:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /log?apiObjVersion=undefined&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%20undefined%2C%20%22marketerID%22%3A%20undefined%2C%20%22referrer%22%3A%20https%3A%2F%2Fraulalvez033.clickfunnels.com%2F%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%221%22%2C%22script%22%3A%22https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%22%2C%22stack%22%3A%22368%2Ft.runQ%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A2168%0A341%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A3222%0Ar%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16525%0A%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16565%0A%40https%3A%2F%2Fadvance3.wpengine.com%2Ffile%2FIT-M%2FMoneyIT%2FMooney_files%2Fobtp.js%3A1%3A16572%0A%22%2C%22message%22%3A%22can%27t%20access%20property%20%22length%22%2C%20o.apiObj.queue%20is%20undefined%22%7D%7D HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 12:29:22 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 0d6095d71e922862a3ba9505c99ce29d
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/
142.250.74.130200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8460716623006.9375;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advance3.wpengine.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227;~oref=https://advance3.wpengine.com/
142.250.74.130200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227;~oref=https://advance3.wpengine.com/
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9965807;type=invmedia;cat=moone0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8227264942134.227;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Wed, 08 Feb 2023 12:29:22 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/
142.250.74.130200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9923532;type=invmedia;cat=pixel0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1742070918907.629;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://advance3.wpengine.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(4).html
34.82.246.63200 OK 519 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi(4).html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (468)
Hash 897480d7b37909bbb78234579b7d8813
4ab6bb532b74f9193905e7f7625e8edf02824e65
b8a164465629a8f6f5a0ac4ee7dd3239af5213110b97703d8ee6ab853af96cf7
GET /file/IT-M/MoneyIT/Mooney_files/activityi(4).html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"30a-5f42f471cbb99-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606;~oref=https://advance3.wpengine.com/
142.250.74.130200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606;~oref=https://advance3.wpengine.com/
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9965807;type=invmedia;cat=moone00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=8238857324039.606;~oref=https://advance3.wpengine.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 12:29:22 GMT
expires: Wed, 08 Feb 2023 12:29:22 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/styles__ltr.css
34.82.246.63200 OK 31 kB URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/styles__ltr.css
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (52913), with no line terminators
Hash 9d62eb146eede3ce7eb2aa096c933d0b
2d246149f750d1a5b684f0c36647dc1176d2b565
89e9bdc9e738c79a0dd95b4921e69f866f5ffd09fbc59f6b4daadbf180225171
GET /file/IT-M/MoneyIT/Mooney_files/styles__ltr.css HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/anchor.html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-ceb1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 155317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jumpgroup.it/assets/vendor-list.json
205.185.216.10200 OK 410 kB URL HTTP/2 cdn.jumpgroup.it/assets/vendor-list.json
IP 205.185.216.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 410 kB (409832 bytes)
Hash dd5e6d444109736accfeca7278bfc7a1
ff3d52cb032cf8341ee062c18fbc143d17b7ac22
4a8c38b83efa6d1043fbd52e32b38f2bcbab3014033b6dcabc8abcbe1fe00c8f
GET /assets/vendor-list.json HTTP/1.1
Host: cdn.jumpgroup.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:22 GMT
accept-ranges: bytes
cache-control: max-age=3600
content-length: 409832
content-type: application/json
x-hw: 1675859362.dop230.sk1.t,1675859362.cds255.sk1.hn,1675859362.cds219.sk1.p
x-rgw-object-type: Normal
etag: "dd5e6d444109736accfeca7278bfc7a1"
x-amz-request-id: tx000000000000001489ec9-0063e395a2-326a4b26-ams3a
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
age: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 08 Feb 2023 00:00:01 GMT
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/dc_pre=CMmNwvy9hvwCFfnJOwIdeY8JEw
34.82.246.63200 OK 42 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/dc_pre=CMmNwvy9hvwCFfnJOwIdeY8JEw
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /file/IT-M/MoneyIT/Mooney_files/dc_pre=CMmNwvy9hvwCFfnJOwIdeY8JEw HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/activityi.html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-length: 42
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2a-5f42f471ccb39"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 5
x-cache-group: normal
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d2ab52e37336b674d6593f30f6969b2
124d06824dcf3613ad35fe50e5f9c36460ce5ad4
5eec0e093e53541305980d291561621eabce85d803bf916ace4e020aa911e6ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:23 GMT
Last-Modified: Wed, 08 Feb 2023 11:25:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d2ab52e37336b674d6593f30f6969b2
124d06824dcf3613ad35fe50e5f9c36460ce5ad4
5eec0e093e53541305980d291561621eabce85d803bf916ace4e020aa911e6ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:23 GMT
Last-Modified: Wed, 08 Feb 2023 11:25:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d2ab52e37336b674d6593f30f6969b2
124d06824dcf3613ad35fe50e5f9c36460ce5ad4
5eec0e093e53541305980d291561621eabce85d803bf916ace4e020aa911e6ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2798
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:23 GMT
Last-Modified: Wed, 08 Feb 2023 11:42:45 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d2ab52e37336b674d6593f30f6969b2
124d06824dcf3613ad35fe50e5f9c36460ce5ad4
5eec0e093e53541305980d291561621eabce85d803bf916ace4e020aa911e6ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:23 GMT
Last-Modified: Wed, 08 Feb 2023 10:47:20 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d2ab52e37336b674d6593f30f6969b2
124d06824dcf3613ad35fe50e5f9c36460ce5ad4
5eec0e093e53541305980d291561621eabce85d803bf916ace4e020aa911e6ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3244
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 12:29:23 GMT
Last-Modified: Wed, 08 Feb 2023 11:35:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
cdn.avacysolution.com/configurations/mooney/cookie.png
205.185.216.42200 OK 7.0 kB URL HTTP/2 cdn.avacysolution.com/configurations/mooney/cookie.png
IP 205.185.216.42:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d22af81b8bc579034f7db99e6c1ba3e
29f583d5dbb52d8bdfc530c5aa9e464d7ea12f69
0b69ba9accdaf80967edf340934fd29e726ac33e8e087cf6b17cd280a66bd872
GET /configurations/mooney/cookie.png HTTP/1.1
Host: cdn.avacysolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:23 GMT
cache-control: max-age=88
content-length: 7025
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:28:04 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "9d22af81b8bc579034f7db99e6c1ba3e"
x-amz-request-id: tx00000000000001d85a292-0063e387eb-85aa146b-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675859363.dop202.sk1.t,1675859363.cds245.sk1.hn,1675859363.cds243.sk1.c
X-Firefox-Spdy: h2
avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
5.101.109.44200 OK 4.4 kB URL HTTP/2 avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
IP 5.101.109.44:0
ASN #14061 DIGITALOCEAN-ASN
Hash f4ba777726e01ed1458c226eec2bc6e4
4abb59a71f044cc91e710a4aa6616bee69c4633a
38675d50d0beecb5e69041adb17625bbe30df0af61287d44d6a643ddcfb51595
GET /configurations/mooney/custom-vendor-list.json HTTP/1.1
Host: avacysolution.fra1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4356
accept-ranges: bytes
last-modified: Fri, 10 Dec 2021 10:01:00 GMT
x-rgw-object-type: Normal
etag: "f4ba777726e01ed1458c226eec2bc6e4"
x-amz-request-id: tx00000000000001dd1d74a-0063e395a3-852b6119-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
content-type: application/json
date: Wed, 08 Feb 2023 12:29:23 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
5.101.109.44200 OK 4.4 kB URL HTTP/2 avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
IP 5.101.109.44:0
ASN #14061 DIGITALOCEAN-ASN
Hash f4ba777726e01ed1458c226eec2bc6e4
4abb59a71f044cc91e710a4aa6616bee69c4633a
38675d50d0beecb5e69041adb17625bbe30df0af61287d44d6a643ddcfb51595
GET /configurations/mooney/custom-vendor-list.json HTTP/1.1
Host: avacysolution.fra1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4356
accept-ranges: bytes
last-modified: Fri, 10 Dec 2021 10:01:00 GMT
x-rgw-object-type: Normal
etag: "f4ba777726e01ed1458c226eec2bc6e4"
x-amz-request-id: tx00000000000001dd1d757-0063e395a3-852b6119-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
content-type: application/json
date: Wed, 08 Feb 2023 12:29:23 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
cdn.jumpgroup.it/assets/purposes-it.json
205.185.216.10200 OK 32 kB URL HTTP/2 cdn.jumpgroup.it/assets/purposes-it.json
IP 205.185.216.10:0
File type JSON data\012- , ASCII text, with very long lines (32506), with no line terminators
Hash d9b605281001c5ae033d477d8fc1877b
f56ebe80aa08580c7e5bd0c5599666f48fc9df35
2d4d847ed574c750752191ef781298f668d581072adee1e9cac78fc18cc944c0
GET /assets/purposes-it.json HTTP/1.1
Host: cdn.jumpgroup.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:23 GMT
accept-ranges: bytes
cache-control: max-age=3600
content-length: 32506
content-type: application/json
x-hw: 1675859363.dop230.sk1.t,1675859363.cds255.sk1.hn,1675859363.cds214.sk1.p
x-rgw-object-type: Normal
etag: "d9b605281001c5ae033d477d8fc1877b"
x-amz-request-id: tx00000000000000147bb16-0063e3942a-327fa6de-ams3a
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
age: 376
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 08 Feb 2023 00:00:15 GMT
X-Firefox-Spdy: h2
avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
5.101.109.44200 OK 4.4 kB URL HTTP/2 avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
IP 5.101.109.44:0
ASN #14061 DIGITALOCEAN-ASN
Hash f4ba777726e01ed1458c226eec2bc6e4
4abb59a71f044cc91e710a4aa6616bee69c4633a
38675d50d0beecb5e69041adb17625bbe30df0af61287d44d6a643ddcfb51595
GET /configurations/mooney/custom-vendor-list.json HTTP/1.1
Host: avacysolution.fra1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4356
accept-ranges: bytes
last-modified: Fri, 10 Dec 2021 10:01:00 GMT
x-rgw-object-type: Normal
etag: "f4ba777726e01ed1458c226eec2bc6e4"
x-amz-request-id: tx00000000000001dbd4d2f-0063e395a3-852b5b97-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
content-type: application/json
date: Wed, 08 Feb 2023 12:29:23 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
5.101.109.44200 OK 4.4 kB URL HTTP/2 avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
IP 5.101.109.44:0
ASN #14061 DIGITALOCEAN-ASN
Hash f4ba777726e01ed1458c226eec2bc6e4
4abb59a71f044cc91e710a4aa6616bee69c4633a
38675d50d0beecb5e69041adb17625bbe30df0af61287d44d6a643ddcfb51595
GET /configurations/mooney/custom-vendor-list.json HTTP/1.1
Host: avacysolution.fra1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4356
accept-ranges: bytes
last-modified: Fri, 10 Dec 2021 10:01:00 GMT
x-rgw-object-type: Normal
etag: "f4ba777726e01ed1458c226eec2bc6e4"
x-amz-request-id: tx00000000000001dbd4d33-0063e395a3-852b5b97-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
content-type: application/json
date: Wed, 08 Feb 2023 12:29:23 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
5.101.109.44200 OK 4.4 kB URL HTTP/2 avacysolution.fra1.digitaloceanspaces.com/configurations/mooney/custom-vendor-list.json
IP 5.101.109.44:0
ASN #14061 DIGITALOCEAN-ASN
Hash f4ba777726e01ed1458c226eec2bc6e4
4abb59a71f044cc91e710a4aa6616bee69c4633a
38675d50d0beecb5e69041adb17625bbe30df0af61287d44d6a643ddcfb51595
GET /configurations/mooney/custom-vendor-list.json HTTP/1.1
Host: avacysolution.fra1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 4356
accept-ranges: bytes
last-modified: Fri, 10 Dec 2021 10:01:00 GMT
x-rgw-object-type: Normal
etag: "f4ba777726e01ed1458c226eec2bc6e4"
x-amz-request-id: tx00000000000001dcc585b-0063e395a3-85aa146b-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
content-type: application/json
date: Wed, 08 Feb 2023 12:29:23 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/logo-positive.svg
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/logo-positive.svg
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/logo-positive.svg HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-c01"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/card.svg
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/card.svg
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/card.svg HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-308"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/360.html
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/360.html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/360.html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"7b7-5f42f471cabf9-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/oilstub.min.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/oilstub.min.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/oilstub.min.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-78f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/oil.min.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/oil.min.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/oil.min.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-58bc3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(21)
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(21)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(21) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 14583
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "38f7-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.1.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.1.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.1.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-17340"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f(2).txt
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f(2).txt
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/f(2).txt HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: text/plain
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-7da"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/bat.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/bat.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/bat.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-98d5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/WatsonAssistantChatEntry.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/WatsonAssistantChatEntry.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/WatsonAssistantChatEntry.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-3073b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.34.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.34.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.34.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-6822"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.3.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.3.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.3.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-f9c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/saved_resource HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 1928
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "788-5f42f471d28fc"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 10
x-cache-group: normal
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/pushcrew.js
104.16.12.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/pushcrew.js
IP 104.16.12.194:0
GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: application/x-javascript
cf-ray: 79645ebaf942b51b-OSL
access-control-allow-origin: *
age: 1076
cache-control: public, max-age=1200
etag: W/"63dbd64e-27d"
expires: Wed, 08 Feb 2023 12:49:17 GMT
last-modified: Thu, 02 Feb 2023 15:27:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/obtp.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/obtp.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/obtp.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-40be"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.32.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.32.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.32.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-85a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/close-popup.svg
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/close-popup.svg
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/close-popup.svg HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: image/svg+xml
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-ec"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(20)
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(20)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(20) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 3961
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "f79-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.74:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 12:29:18 GMT
date: Wed, 08 Feb 2023 12:29:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.40.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.40.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.40.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-a96"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/px.html
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/px.html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/px.html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"1529-5f42f471d195b-gzip"
x-cache: HIT: 6
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/analytics.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/analytics.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/analytics.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-c436"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.7.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.7.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.7.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-438a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.14.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.14.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.14.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-1440"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.28.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.28.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.28.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-84f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/cf.js
104.16.12.194301 Moved Permanently 0 B URL HTTP/2 app.clickfunnels.com/cf.js
IP 104.16.12.194:0
GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 08 Feb 2023 12:29:18 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 79645ebf685ab51b-OSL
age: 518
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/identity.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/identity.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/identity.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-ff06"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.35.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.35.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.35.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-6c4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
raulalvez033.clickfunnels.com/optinlk1yhzk4
104.16.12.194302 Found 0 B URL HTTP/2 raulalvez033.clickfunnels.com/optinlk1yhzk4
IP 104.16.12.194:0
GET /optinlk1yhzk4 HTTP/1.1
Host: raulalvez033.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: text/html; charset=utf-8
location: https://raulalvez033.clickfunnels.com/optin1673710293310
cf-ray: 79645eb6ba3db51b-OSL
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6a9e51979d77d571e65f5febedcede3a
x-runtime: 0.058975
set-cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM; path=/; expires=Wed, 08-Feb-23 12:59:17 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
raulalvez033.clickfunnels.com/optin1673710293310
104.16.12.194200 OK 0 B URL HTTP/2 raulalvez033.clickfunnels.com/optin1673710293310
IP 104.16.12.194:0
GET /optin1673710293310 HTTP/1.1
Host: raulalvez033.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: text/html; charset=utf-8
cf-ray: 79645eb81c95b51b-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 08 Feb 2023 12:22:50 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
status: 200 OK
x-content-digest: b8618dca4c3a34e90e19b36a4489d1da4d7986f3
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: aca973920a2f7fe5e6cff2e2c6c2659f
x-runtime: 0.184818
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/omg.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/omg.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/omg.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-13d4c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/0da783df891e1.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/0da783df891e1.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/0da783df891e1.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-6087c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/api.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/api.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/api.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-374"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/main.37caeda3.chunk.css
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/main.37caeda3.chunk.css
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/main.37caeda3.chunk.css HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-8b11c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/2.chunk.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/2.chunk.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/2.chunk.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-5f0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f.txt
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f.txt
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/f.txt HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: text/plain
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-7de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.27.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.27.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.27.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-832"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f(3).txt
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f(3).txt
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/f(3).txt HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: text/plain
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-7dc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(2)
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/layout_icon(2)
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/layout_icon(2) HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 10782
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2a1e-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
216.58.211.3200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
IP 216.58.211.3:0
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://advance3.wpengine.com
Connection: keep-alive
Referer: https://advance3.wpengine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 08:56:51 GMT
expires: Mon, 05 Feb 2024 08:56:51 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 271951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.17.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.17.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.17.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-1264"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.15.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.15.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.15.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-55f3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/44.e2f6a8cc.chunk.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/44.e2f6a8cc.chunk.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/44.e2f6a8cc.chunk.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-76f37"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-12ece"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f(1).txt
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/f(1).txt
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/f(1).txt HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: text/plain
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-7de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/script.html
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/script.html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/script.html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
etag: W/"a1d-5f42f471d28fc-gzip"
x-cache: HIT: 7
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/locator-pin.svg
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/locator-pin.svg
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/locator-pin.svg HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-1d6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.js
104.16.12.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.js
IP 104.16.12.194:0
GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Cookie: __cf_bm=r8PVZOLeBfcTu5rmoMRebdJgt.KDL5ZMC_xgO4aoo4g-1675859357-0-AaSxnm+WkMqfh68Tw2TjqfZfJXHTBTj7bjHmYvpKOGyzsZOz0t4ANlgvzQmuNFVFjIife19Kfi0D8fBCnX4htrlShi0L4bAQNWeB0QyQtwmM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:17 GMT
content-type: application/x-javascript
cf-ray: 79645ebaf941b51b-OSL
access-control-allow-origin: *
age: 194
cache-control: public, max-age=1200
etag: W/"63dbd6a4-239357"
expires: Wed, 08 Feb 2023 12:49:17 GMT
last-modified: Thu, 02 Feb 2023 15:28:36 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://raulalvez033.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 12:29:18 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2160461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOg5VqXREQVzhNchsZc1cX%2FqeOPqWXhzLbR9PjJ69RM%2BQiAeVk0rqikUukxPFl%2BNWktuLcskFgW6K%2F1kJ8gF1MoC%2B2Qu4c00EJSrXq%2FuC2mHoRApZGWh6Lx%2FeHCwnwdzzkSlof7E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79645ebbcec3405e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/recaptcha__fr.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-65edb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource(2).html
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/saved_resource(2).html
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/saved_resource(2).html HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/anchor.html
Cookie: utag_main=v_id:01863101527600022f5d55abc7c100050003000900918$_sn:1$_se:1$_ss:1$_st:1675861215671$ses_id:1675859415671%3Bexp-session$_pn:1%3Bexp-session
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:22 GMT
content-type: text/html
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding, Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
etag: W/"95-5f42f471d28fc-gzip"
x-cache: HIT: 5
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/JVX2U4KRUB
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/JVX2U4KRUB
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/JVX2U4KRUB HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-length: 194143
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: "2f65f-5f42f471cfa1b"
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
accept-ranges: bytes
x-cache: HIT: 7
x-cache-group: normal
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/main.bd9adb9f.chunk.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/main.bd9adb9f.chunk.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/main.bd9adb9f.chunk.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-1fa5b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.18.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.18.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.18.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-2c1b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.8.js
34.82.246.63200 OK 0 B URL HTTP/2 advance3.wpengine.com/file/IT-M/MoneyIT/Mooney_files/utag.8.js
IP 34.82.246.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /file/IT-M/MoneyIT/Mooney_files/utag.8.js HTTP/1.1
Host: advance3.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://advance3.wpengine.com/file/IT-M/MoneyIT/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 12:29:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Feb 2023 12:19:37 GMT
etag: W/"63e39359-1f21"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2