tracking.flexibilitycapital.net/f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4
54.228.9.98308 Permanent Redirect 0 B URL HTTP/1.1 tracking.flexibilitycapital.net/f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4
IP 54.228.9.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4 HTTP/1.1
Host: tracking.flexibilitycapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://tracking.flexibilitycapital.net/f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4
Server: Caddy
Date: Fri, 09 Dec 2022 19:14:38 GMT
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4733
Expires: Fri, 09 Dec 2022 20:33:31 GMT
Date: Fri, 09 Dec 2022 19:14:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Fri, 09 Dec 2022 20:32:08 GMT
Date: Fri, 09 Dec 2022 19:14:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 19:08:20 GMT
content-type: application/json
age: 378
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Fri, 09 Dec 2022 20:08:14 GMT
Date: Fri, 09 Dec 2022 19:14:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HfJ7/u7LOjuzOXCJtfPdzkSaG81ucnCHKukIqDoOV/YOmBm744ftkf81VF9tmFyhcR+rCkJByhQ=
x-amz-request-id: 0ASPVNCRPK2KNQ98
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 18:50:22 GMT
age: 1456
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
tracking.flexibilitycapital.net/f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4
54.73.152.72302 Found 154 B URL HTTP/2 tracking.flexibilitycapital.net/f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4
IP 54.73.152.72:0
File type HTML document, ASCII text, with no line terminators
Hash 5f2acd48ff0b1cca77c586a9414fdd9b
d288c82ef6a1a0c37a3d9b75e2a3c9e5dfc9af5b
ac316eb783fbd4cf9ee4e5717cadff37c4cff4aae6624e5a8679184a0e24b007
GET /f/a/lvjrpzeF5FDSl15e9Zknsw~~/AAAHUQA~/RgRldJqIP0UgZWVjZDExNjljMWZjYTQzZWYxNjgyNGMxMjgyNzRhZWVEN2h0dHBzOi8vZmxleGliaWxpdHljYXBpdGFsLmNvbS9tZi9xdWljay1hcHBseT9zPW5ibGVhZHNXBXNwY2V1QgpjiIgVkmPxt7PQUhNsYXJyeWNsaWNrQGljd2cuY29tWAQAABC4 HTTP/1.1
Host: tracking.flexibilitycapital.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 19:14:38 GMT
location: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
vary: Accept
x-robots-tag: noindex
content-length: 154
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:14:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 18:33:13 GMT
age: 2486
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6136
Cache-Control: max-age=142472
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:39 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:49:11 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
assets.squarespace.com/universal/scripts-compressed/performance-331b79b03d742f69f5706-min.en-US.js
151.101.0.237200 OK 12 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/performance-331b79b03d742f69f5706-min.en-US.js
IP 151.101.0.237:0
File type ASCII text, with very long lines (40615)
Hash 2d20a0181b1303c089743afdd0d4e942
d52f03d7dfa4d4f0c9d1ef13fca206d12d74bb69
925cacf708df85ea1a2035492bcd1e242dbb4bc392fb9c864e1657a76ea4cd14
GET /universal/scripts-compressed/performance-331b79b03d742f69f5706-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 06 Dec 2023 01:12:56 GMT
last-modified: Mon, 05 Dec 2022 23:01:49 GMT
etag: "2d20a0181b1303c089743afdd0d4e942"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 324102
x-served-by: cache-iad-kcgs7200086-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 22841
x-timer: S1670613280.628785,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 12234
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/extension-scripts-4924c2475dbc9d44975e6-min.en-US.js
151.101.0.237200 OK 22 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/extension-scripts-4924c2475dbc9d44975e6-min.en-US.js
IP 151.101.0.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8cf804c5927ca4ecf63b3804dbe55743
7bd52cd74723623798883bfe09a901128365c236
e752897cdc50aad7a19f752c30def566fbde4db6e8a4b8d8117aba0b661e301f
GET /universal/scripts-compressed/extension-scripts-4924c2475dbc9d44975e6-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 08 Dec 2023 18:28:31 GMT
last-modified: Thu, 08 Dec 2022 18:00:46 GMT
etag: "8cf804c5927ca4ecf63b3804dbe55743"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 89168
x-served-by: cache-iad-kiad7000123-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 5
x-timer: S1670613280.628763,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 22288
X-Firefox-Spdy: h2
assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
151.101.0.237200 OK 42 kB URL HTTP/2 assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
IP 151.101.0.237:0
File type Unicode text, UTF-8 text, with very long lines (43878), with NEL line terminators
Hash fe0d53a94823df972dbf107bf190771a
0ae461e408323c0dd10c6ccfb0a673c6d0a173bf
8cb58343dcef08e359f0abd73b1218780ca7ea4eab16f2d9d43ffc272ad91206
GET /@sqs/polyfiller/1.6/modern.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 18:39:24 GMT
last-modified: Mon, 31 Oct 2022 21:19:57 GMT
etag: "fe0d53a94823df972dbf107bf190771a"
content-type: text/javascript
content-encoding: gzip
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 174915
x-served-by: cache-iad-kjyo7100143-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 6229
x-timer: S1670613280.628862,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 42447
X-Firefox-Spdy: h2
flexibilitycapital.com/mf/quick-apply?s=nbleads
198.49.23.144200 OK 37 kB URL HTTP/2 flexibilitycapital.com/mf/quick-apply?s=nbleads
IP 198.49.23.144:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21096), with CRLF, LF line terminators
Hash 1c34481f77a8c03aa2e57cc87c871e5a
53ea437cc0402388ddcb59dbcc038a6e501d27ed
43899a0c98de6314364419b97da920e67b6ad6a699347b87b033472bce1bd368
Analyzer Verdict Alert fortinet Phishing
GET /mf/quick-apply?s=nbleads HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
accept-ranges: bytes
age: 38538
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 09 Dec 2022 08:32:20 GMT
etag: W/"c4e09dd6e2e123ff96b94b2f22d1822e"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy;Path=/
strict-transport-security: max-age=43200
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: V44tQdIp/SzHoqbLm
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-length: 36820
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f5f8ed3bf6581fb08c8c8-min.en-US.js
151.101.0.237200 OK 15 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-f5f8ed3bf6581fb08c8c8-min.en-US.js
IP 151.101.0.237:0
File type ASCII text, with very long lines (44635)
Hash ffcc7874de213463d80967c20d454149
697d2adfc50caf49b168cb9cfdaf27e38bbc2002
d58cbde610e51dd18b6b218ce2b77dffc63c38f22b9e300e8e83d4ffc8aeb1eb
GET /universal/scripts-compressed/extract-css-runtime-f5f8ed3bf6581fb08c8c8-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 08 Dec 2023 22:09:58 GMT
last-modified: Thu, 08 Dec 2022 21:45:15 GMT
etag: "ffcc7874de213463d80967c20d454149"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 75881
x-served-by: cache-iad-kcgs7200068-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 339
x-timer: S1670613280.635262,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 14976
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-33f25cea66c84971c39d6-min.en-US.js
151.101.0.237200 OK 18 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-33f25cea66c84971c39d6-min.en-US.js
IP 151.101.0.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bf4aa98d55eee8cce95ff27af398f599
eccfc800014e449cdfe1365dacc541f817cdd178
4d08cfbf346295d8cc4012bd9d3dc9fa797969a811898f2f83c5291158954f8d
GET /universal/scripts-compressed/cldr-resource-pack-33f25cea66c84971c39d6-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 21 Nov 2023 17:23:55 GMT
last-modified: Mon, 21 Nov 2022 16:42:30 GMT
etag: "bf4aa98d55eee8cce95ff27af398f599"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 1561845
x-served-by: cache-iad-kjyo7100046-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 126670
x-timer: S1670613280.635408,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 18492
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-e9a8a4531d0abdbe34e1b-min.en-US.js
151.101.0.237200 OK 235 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/common-e9a8a4531d0abdbe34e1b-min.en-US.js
IP 151.101.0.237:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 235 kB (234718 bytes)
Hash 301a6348f23d73dedad8c1ba1b3678a1
27be3dc0fca8db40d48065288371cad5c20d23d6
51f62b624a7dbac4daf8cb17130b69b52057d8976a352cde37c3c26ffcde7b6e
GET /universal/scripts-compressed/common-e9a8a4531d0abdbe34e1b-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 08 Dec 2023 18:28:27 GMT
last-modified: Thu, 08 Dec 2022 18:01:49 GMT
etag: "301a6348f23d73dedad8c1ba1b3678a1"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 89172
x-served-by: cache-iad-kjyo7100131-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3537
x-timer: S1670613280.628820,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 234718
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Mo6HPeL4nXAwEToBbHzrLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WmygtDiEoSqRYaOd1tGEwaLtfRY=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.5.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:39 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670613279.dop219.sk1.t,1670613279.cds211.sk1.hn,1670613279.cds208.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.1ca98a153fb23c0f2efe1ecd45c3f098.js
151.101.0.238200 OK 43 kB URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.1ca98a153fb23c0f2efe1ecd45c3f098.js
IP 151.101.0.238:0
File type ASCII text, with very long lines (65467)
Hash a7f4c766ab9f6faedaff36a67efb0149
00ff05a12c3a1ae47fad13720820b50524552d94
0a907d5d460850a74ad47ca80870127cf28c06159af9c0f2364e763a111d2f4c
GET /static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.1ca98a153fb23c0f2efe1ecd45c3f098.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: sIUMz2au/hLyas5A5
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 12507
x-served-by: cache-dfw-kdfw8210129-DFW, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 29, 1136
x-timer: S1670613280.768976,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 43053
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-HVJMBLJ363
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-HVJMBLJ363
IP 142.250.74.168:0
File type ASCII text, with very long lines (20633)
Hash c333cad53d8e76a84a7457db5e82a552
55e988391e68b5b1a1f680fdfae7e7b47ce2fe73
3744acd8f00ffb6ea48a82a5e0f4637138e429b4cac01d1ce411f6ba2072e8fa
GET /gtag/js?id=G-HVJMBLJ363 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 19:14:39 GMT
expires: Fri, 09 Dec 2022 19:14:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 32f9ba3aefce7852b144eae83fd5e5a9
fd94d3adf8e74b41e159c770b0c14bc37287b1d1
dd680aea642522877f25ee8eecfed44dd42df06d706f191c955ef1980158a7fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 19:14:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 09:41:46 GMT
Expires: Tue, 13 Dec 2022 09:41:45 GMT
Etag: "fd94d3adf8e74b41e159c770b0c14bc37287b1d1"
Cache-Control: max-age=310625,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777010a6faa11c02-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static1.squarespace.com/static/versioned-site-css/62be2633e9cdbe321dc30465/16/5c5a519771c10ba3470d8101/62be2634e9cdbe321dc30473/1323/site.css
151.101.0.238200 OK 98 kB URL HTTP/2 static1.squarespace.com/static/versioned-site-css/62be2633e9cdbe321dc30465/16/5c5a519771c10ba3470d8101/62be2634e9cdbe321dc30473/1323/site.css
IP 151.101.0.238:0
File type Unicode text, UTF-8 text, with very long lines (31968)
Hash bd307941a2d01a746698011d31a34078
de823e0516d4f6caf3f9e04b8c77f54660fcf3eb
68ae51a059ebc1fd66e8bc6676d1dd8f393e47b3f6e8dedc3737ee5340b851e7
GET /static/versioned-site-css/62be2633e9cdbe321dc30465/16/5c5a519771c10ba3470d8101/62be2634e9cdbe321dc30473/1323/site.css HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: text/css; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: o1KIqiOP/XS0KriJ8
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:40 GMT
age: 91534
x-served-by: cache-dfw-kdfw8210042-DFW, cache-bma1672-BMA
x-cache: HIT, MISS
x-cache-hits: 54, 0
x-timer: S1670613280.768602,VS0,VE409
vary: Accept-Encoding
tracepoint: Fastly
content-length: 98472
X-Firefox-Spdy: h2
apps.elfsight.com/p/platform.js
104.26.6.107301 Moved Permanently 472 B URL HTTP/2 apps.elfsight.com/p/platform.js
IP 104.26.6.107:0
Hash 32f9ba3aefce7852b144eae83fd5e5a9
fd94d3adf8e74b41e159c770b0c14bc37287b1d1
dd680aea642522877f25ee8eecfed44dd42df06d706f191c955ef1980158a7fe
GET /p/platform.js HTTP/1.1
Host: apps.elfsight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 19:14:39 GMT
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
expires: Fri, 09 Dec 2022 20:14:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12JioNBUlaeoYkzfpAIBB28u3LMhiNf%2BjfFaXEkbkGN0wFPFtVHB19Z6bqp19KAzBtGStaZ%2FyRmBF0U9PVuhZoVTGp7cxmUQZZKjUyN0H3Pnxu2ts%2BMh2sNOg7CrdiutgWyL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 777010a6fb1fb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/5747e740-48ef-4718-ba0e-914ca1dfe9c4/3.png?format=1500w
95.101.10.80200 OK 60 kB URL HTTP/1.1 images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/5747e740-48ef-4718-ba0e-914ca1dfe9c4/3.png?format=1500w
IP 95.101.10.80:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1500 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash 1227b87d431fe4e7f5fcff67b6f5e6e3
7c7a59998fa7ce12cfbf824554d8bd2b83b7b9e5
d362c8d66acb6e83612da155ea615498714d3908028af60e705cd38781ec2585
GET /content/v1/62be2633e9cdbe321dc30465/5747e740-48ef-4718-ba0e-914ca1dfe9c4/3.png?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Timing-allow-origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
ETag: CMCLhu6l1vgCEAE=
Content-Length: 60326
Accept-Ranges: bytes
Cache-Control: max-age=604800
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
Vary: "Accept-Encoding"
Tracepoint: "Akamai"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
form.jotform.com/jsform/222364711945154
35.201.118.58200 OK 28 kB URL HTTP/2 form.jotform.com/jsform/222364711945154
IP 35.201.118.58:0
Hash 7999ff7bed06b25be2b9deffeb5b9463
a9866ed702d43a5d336d55775e65c0a7e71bd097
014b761d443f7092edec89c41bcede8d25740202804819c49194ce4f84bd0553
GET /jsform/222364711945154 HTTP/1.1
Host: form.jotform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: no-cache
cache-hit: 1
content-encoding: gzip
content-type: text/javascript; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2.1
vary: Accept-Encoding
date: Fri, 09 Dec 2022 19:14:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:09:28 GMT
expires: Thu, 07 Dec 2023 20:09:28 GMT
cache-control: public, max-age=31536000
age: 169512
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
age: 20489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1070feb712e69de3d00dcca0189301a0
1479115faa91354187041df16f63158f54294edc
16f5c29dd0c844264b0efc2d1ebbcee038d171a159713bf9e69143e02976f729
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "16F5C29DD0C844264B0EFC2D1EBBCEE038D171A159713BF9E69143E02976F729"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12411
Expires: Fri, 09 Dec 2022 22:41:31 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1070feb712e69de3d00dcca0189301a0
1479115faa91354187041df16f63158f54294edc
16f5c29dd0c844264b0efc2d1ebbcee038d171a159713bf9e69143e02976f729
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "16F5C29DD0C844264B0EFC2D1EBBCEE038D171A159713BF9E69143E02976F729"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8415
Expires: Fri, 09 Dec 2022 21:34:55 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1070feb712e69de3d00dcca0189301a0
1479115faa91354187041df16f63158f54294edc
16f5c29dd0c844264b0efc2d1ebbcee038d171a159713bf9e69143e02976f729
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "16F5C29DD0C844264B0EFC2D1EBBCEE038D171A159713BF9E69143E02976F729"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8476
Expires: Fri, 09 Dec 2022 21:35:56 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1070feb712e69de3d00dcca0189301a0
1479115faa91354187041df16f63158f54294edc
16f5c29dd0c844264b0efc2d1ebbcee038d171a159713bf9e69143e02976f729
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "16F5C29DD0C844264B0EFC2D1EBBCEE038D171A159713BF9E69143E02976F729"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21033
Expires: Sat, 10 Dec 2022 01:05:13 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1070feb712e69de3d00dcca0189301a0
1479115faa91354187041df16f63158f54294edc
16f5c29dd0c844264b0efc2d1ebbcee038d171a159713bf9e69143e02976f729
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "16F5C29DD0C844264B0EFC2D1EBBCEE038D171A159713BF9E69143E02976F729"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6803
Expires: Fri, 09 Dec 2022 21:08:03 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
flexibilitycapital.com/api/1/performance/settings
198.49.23.144200 OK 53 B URL HTTP/2 flexibilitycapital.com/api/1/performance/settings
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef294d68df667fde65ff53818c96e64b
0c260ad6a63670c5950e71b8d44df7eb17c95463
1726088b9e3e1abefab1ee254b52b4b588cdd7115de876d0a4d5564e7f762e38
Analyzer Verdict Alert fortinet Phishing
GET /api/1/performance/settings HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
Cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy; _ga_HVJMBLJ363=GS1.1.1670613279.1.0.1670613279.0.0.0; _ga=GA1.1.137678478.1670613279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 09 Dec 2022 19:14:40 GMT
server: Squarespace
vary: Accept-Encoding, User-Agent
x-contextid: V44tQdIp/CmTjzeL5
content-length: 53
X-Firefox-Spdy: h2
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.c99d90932cc9af8a4e24.js
151.101.0.238200 OK 286 B URL HTTP/2 static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.c99d90932cc9af8a4e24.js
IP 151.101.0.238:0
File type ASCII text, with very long lines (433), with no line terminators
Hash 5c162adb824fa6dc619e3ae37d6844ad
249c827264dd50b5c3cad8588f0fffcd5ab6187b
00c6d5d937aadb1d07288c235218ecd97f04efbef46fe275999c93a97fc74c6f
GET /static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.c99d90932cc9af8a4e24.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=94608000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: qJZMjkFh/ik87YDso
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:40 GMT
age: 347456
x-served-by: cache-dfw-kdfw8210082-DFW, cache-bma1672-BMA
x-cache: HIT, HIT
x-cache-hits: 10, 21542
x-timer: S1670613281.681987,VS0,VE0
vary: Accept-Encoding
tracepoint: Fastly
content-length: 286
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-ded59447778e1491d87fa-min.en-US.js
151.101.0.237200 OK 4.2 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-ded59447778e1491d87fa-min.en-US.js
IP 151.101.0.237:0
Hash f2e731c222b19a0f6209718ff4db1b56
76f119833de331d2e440e80ba5d0788052e8c03d
576b06e72ebc78c74711d9f14670947cc00ef48db407c62c2c9fd77adf7a0531
GET /universal/scripts-compressed/common-vendors-stable-ded59447778e1491d87fa-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 22 Nov 2023 21:48:02 GMT
last-modified: Tue, 22 Nov 2022 21:08:15 GMT
etag: "a2aba54ac71d7b847b67a49a66957627"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 1459597
x-served-by: cache-iad-kjyo7100036-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 106103
x-timer: S1670613280.652706,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 70636
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
216.58.207.227200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8712, version 1.0\012- data
Hash 2c12ab3a0b1db8654af95a12a6320231
a3e7876a3bb8b3a8c38bc8dbef51b1140b51b38d
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
GET /s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:46:20 GMT
expires: Wed, 06 Dec 2023 15:46:20 GMT
cache-control: public, max-age=31536000
age: 271700
last-modified: Wed, 27 Apr 2022 16:05:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flexibilitycapital.com/api/ui-extensions/script-registrations
198.49.23.144200 OK 328 B URL HTTP/2 flexibilitycapital.com/api/ui-extensions/script-registrations
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with very long lines (410), with no line terminators
Hash 81113add1e72932131d77b9ebc62b005
493d63f75e4031e10bd5fdf76b2b2e4b01d2a90e
3f63b06f7386049f2e3ea5fc3b3fa42a12485ffba71239b1840804cbe38386d4
Analyzer Verdict Alert fortinet Phishing
GET /api/ui-extensions/script-registrations HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy
Connection: keep-alive
Referer: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
Cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy; _ga_HVJMBLJ363=GS1.1.1670613279.1.0.1670613279.0.0.0; _ga=GA1.1.137678478.1670613279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json;charset=utf-8
date: Fri, 09 Dec 2022 19:14:40 GMT
server: Squarespace
strict-transport-security: max-age=43200
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-contextid: V44tQdIp/JHd23Jlu
content-length: 328
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 18:41:08 GMT
expires: Fri, 09 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 2012
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
IP 142.250.74.131:0
Hash 2bc196cca9eb8fb3401120a19dbe2a38
0e8f8883784f59acaf8c861b5835b961920015ac
8cd000d3bea8d6e9f07b4025fcbf23e93c598be2891739848736ed7e199fb562
POST /s/gts1d4/raRVPOI4L3s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
IP 142.250.74.131:0
Hash 2bc196cca9eb8fb3401120a19dbe2a38
0e8f8883784f59acaf8c861b5835b961920015ac
8cd000d3bea8d6e9f07b4025fcbf23e93c598be2891739848736ed7e199fb562
POST /s/gts1d4/raRVPOI4L3s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: max-age=166814
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:34:54 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
assets.squarespace.com/universal/scripts-compressed/announcement-bar-46646eb11221aa9d00811-min.en-US.js
151.101.0.237200 OK 17 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/announcement-bar-46646eb11221aa9d00811-min.en-US.js
IP 151.101.0.237:0
File type ASCII text, with very long lines (48294)
Hash 69a245bfaeeaac6e2df1438a19e5fe06
e754a4aa12bb060866a70aa94cb539e770135f33
d4ebdecc335521c1553054fc4cf19928a25d022e81128b73d15eb78a2b4cb326
GET /universal/scripts-compressed/announcement-bar-46646eb11221aa9d00811-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Tue, 05 Dec 2023 22:40:06 GMT
last-modified: Mon, 05 Dec 2022 21:54:53 GMT
etag: "69a245bfaeeaac6e2df1438a19e5fe06"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:40 GMT
age: 333274
x-served-by: cache-iad-kjyo7100080-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1308
x-timer: S1670613281.829557,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 16655
X-Firefox-Spdy: h2
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 66 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65410)
Hash b3cc89ae11072c9ee7b443faa623e0e9
00a8279e679a5fb97dfc16860a1572094ff33f3b
0ac7e1b0178f6929b5aeb30c820f83a0101c6258415b280044955bad3974148c
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsjxLWgaYrGSn5U9YFVGFANlH3Cqy-FCHfHk2n3Uqj3CYdQjpBafQk3csXDnH-ESpW0BjfwKOuA0ibc7SSWVO-VPisE24PZ
x-goog-generation: 1667940125290071
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 65803
content-encoding: br
x-goog-hash: crc32c=LkMtdQ==, md5=s8yJrhEHLJ7ntEP6piPg6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 65803
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 09 Dec 2022 18:57:39 GMT
expires: Fri, 09 Dec 2022 19:57:39 GMT
cache-control: public, max-age=3600,no-transform
age: 1021
last-modified: Tue, 08 Nov 2022 20:42:05 GMT
etag: "b3cc89ae11072c9ee7b443faa623e0e9"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4471
Expires: Fri, 09 Dec 2022 20:29:11 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4471
Expires: Fri, 09 Dec 2022 20:29:11 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4471
Expires: Fri, 09 Dec 2022 20:29:11 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4471
Expires: Fri, 09 Dec 2022 20:29:11 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 43241
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4471
Expires: Fri, 09 Dec 2022 20:29:11 GMT
Date: Fri, 09 Dec 2022 19:14:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 43285
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
flexibilitycapital.com/api/census/RecordHit
198.49.23.144200 OK 17 B URL HTTP/2 flexibilitycapital.com/api/census/RecordHit
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/RecordHit HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-CSRF-Token: BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy
Content-Length: 821
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
Cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy; _ga_HVJMBLJ363=GS1.1.1670613279.1.0.1670613279.0.0.0; _ga=GA1.1.137678478.1670613279; ss_cvr=514d1a85-4c4f-49d3-aaf7-d371cb4cde5a|1670613279760|1670613279760|1670613279760|1; ss_cvt=1670613279760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Fri, 09 Dec 2022 19:14:40 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: V44tQdIp/qaREyQzM
content-length: 17
X-Firefox-Spdy: h2
flexibilitycapital.com/api/census/button-render
198.49.23.144200 OK 17 B URL HTTP/2 flexibilitycapital.com/api/census/button-render
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/button-render HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy
Content-Length: 408
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
Cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy; _ga_HVJMBLJ363=GS1.1.1670613279.1.0.1670613279.0.0.0; _ga=GA1.1.137678478.1670613279; ss_cvr=514d1a85-4c4f-49d3-aaf7-d371cb4cde5a|1670613279760|1670613279760|1670613279760|1; ss_cvt=1670613279760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Fri, 09 Dec 2022 19:14:40 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: V44tQdIp/o953DcvV
content-length: 17
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
IP 142.250.74.131:0
Hash 2bc196cca9eb8fb3401120a19dbe2a38
0e8f8883784f59acaf8c861b5835b961920015ac
8cd000d3bea8d6e9f07b4025fcbf23e93c598be2891739848736ed7e199fb562
POST /s/gts1d4/raRVPOI4L3s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 76996
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
flexibilitycapital.com/api/census/button-render
198.49.23.144200 OK 17 B URL HTTP/2 flexibilitycapital.com/api/census/button-render
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/button-render HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy
Content-Length: 408
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
Cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy; _ga_HVJMBLJ363=GS1.1.1670613279.1.0.1670613279.0.0.0; _ga=GA1.1.137678478.1670613279; ss_cvr=514d1a85-4c4f-49d3-aaf7-d371cb4cde5a|1670613279760|1670613279760|1670613279760|1; ss_cvt=1670613279760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Fri, 09 Dec 2022 19:14:40 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: V44tQdIp/WsTP9Nvy
content-length: 17
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: sS4Z4DcMAR8/A+x/u1EqMeM553qW7sfxHi1G9wegqnCfo38U5fDIXGGLnx5Onr+FlvcvAadhXxRMy+6znAdccQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 19:14:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 56174
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
flexibilitycapital.com/api/census/button-render
198.49.23.144200 OK 17 B URL HTTP/2 flexibilitycapital.com/api/census/button-render
IP 198.49.23.144:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer Verdict Alert fortinet Phishing
POST /api/census/button-render HTTP/1.1
Host: flexibilitycapital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy
Content-Length: 406
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/mf/quick-apply?s=nbleads
Cookie: crumb=BVeIDvaU02prNzJmZGZiNDA3NTYxYjZmMzk1MTU2Y2YzMThlOTMy; _ga_HVJMBLJ363=GS1.1.1670613279.1.0.1670613279.0.0.0; _ga=GA1.1.137678478.1670613279; ss_cvr=514d1a85-4c4f-49d3-aaf7-d371cb4cde5a|1670613279760|1670613279760|1670613279760|1; ss_cvt=1670613279760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Fri, 09 Dec 2022 19:14:40 GMT
server: Squarespace
strict-transport-security: max-age=43200
x-content-type-options: nosniff
x-contextid: V44tQdIp/AxT1EeKm
content-length: 17
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 52105
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4927
Cache-Control: max-age=166814
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 19:14:40 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:34:54 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
region1.google-analytics.com/g/collect?v=2&tid=G-HVJMBLJ363>m=2oebu0&_p=1146777802&cid=137678478.1670613279&ul=en-us&sr=1280x1024&_s=1&sid=1670613279&sct=1&seg=0&dl=https%3A%2F%2Fflexibilitycapital.com%2Fmf%2Fquick-apply%3Fs%3Dnbleads&dt=Apply%20Now%20%E2%80%94%20Flexibility%20Capital&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-HVJMBLJ363>m=2oebu0&_p=1146777802&cid=137678478.1670613279&ul=en-us&sr=1280x1024&_s=1&sid=1670613279&sct=1&seg=0&dl=https%3A%2F%2Fflexibilitycapital.com%2Fmf%2Fquick-apply%3Fs%3Dnbleads&dt=Apply%20Now%20%E2%80%94%20Flexibility%20Capital&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HVJMBLJ363>m=2oebu0&_p=1146777802&cid=137678478.1670613279&ul=en-us&sr=1280x1024&_s=1&sid=1670613279&sct=1&seg=0&dl=https%3A%2F%2Fflexibilitycapital.com%2Fmf%2Fquick-apply%3Fs%3Dnbleads&dt=Apply%20Now%20%E2%80%94%20Flexibility%20Capital&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://flexibilitycapital.com
date: Fri, 09 Dec 2022 19:14:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/885a8ce9-f51c-4550-86d0-f4392ff44e78/favicon.ico?format=100w
95.101.10.80200 OK 4.5 kB URL HTTP/1.1 images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/885a8ce9-f51c-4550-86d0-f4392ff44e78/favicon.ico?format=100w
IP 95.101.10.80:0
ASN #20940 Akamai International B.V.
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 812f9313a4cdd9dd00f7a728e18040cb
4de01671fe3ba15d4379ddf2d643023a0455acdd
76e271f192e8afa4914b0fc0276bebc745c5222c79dcbf85e057dbfc6fb3ea43
GET /content/v1/62be2633e9cdbe321dc30465/885a8ce9-f51c-4550-86d0-f4392ff44e78/favicon.ico?format=100w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Timing-allow-origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
ETag: CPHxhu3D8/gCEAE=
Content-Length: 4548
Accept-Ranges: bytes
Cache-Control: max-age=604771
Date: Fri, 09 Dec 2022 19:14:41 GMT
Connection: keep-alive
Vary: "Accept-Encoding"
Tracepoint: "Akamai"
images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/91a3ce0a-5cd0-4e06-960e-5e2ed6842035/1.jpg?format=1500w
95.101.10.80200 OK 43 kB URL HTTP/1.1 images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/91a3ce0a-5cd0-4e06-960e-5e2ed6842035/1.jpg?format=1500w
IP 95.101.10.80:0
ASN #20940 Akamai International B.V.
File type JPEG image data, progressive, precision 8, 1500x750, components 3\012- data
Hash 1e6945014d4b8619f9c5d7c92a40cce0
40350961803fba54f796d2ffe651525bdfdc8a76
9a70ccd757ab4a02cb79b264c65ed7a2013de86058be617673aa00e15675e7c6
GET /content/v1/62be2633e9cdbe321dc30465/91a3ce0a-5cd0-4e06-960e-5e2ed6842035/1.jpg?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Timing-allow-origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
ETag: CNqFp66p1vgCEAE=
Content-Length: 43352
Accept-Ranges: bytes
Cache-Control: max-age=604800
Date: Fri, 09 Dec 2022 19:14:41 GMT
Connection: keep-alive
Vary: "Accept-Encoding"
Tracepoint: "Akamai"
images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/f44efb43-81c4-4c1b-94ec-a41ac0966b85/Flex+Landing+Logo.png?format=750w
95.101.10.80200 OK 13 kB URL HTTP/1.1 images.squarespace-cdn.com/content/v1/62be2633e9cdbe321dc30465/f44efb43-81c4-4c1b-94ec-a41ac0966b85/Flex+Landing+Logo.png?format=750w
IP 95.101.10.80:0
ASN #20940 Akamai International B.V.
File type PNG image data, 750 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash e5160c9a6469b59e0b800691dd764106
a01a607eefef508174ac8047dbabd762b66023e5
91c9b26bf3c1e9a244451751921ac8e103795970a5c4c0e02b410e56b15f2675
GET /content/v1/62be2633e9cdbe321dc30465/f44efb43-81c4-4c1b-94ec-a41ac0966b85/Flex+Landing+Logo.png?format=750w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Timing-allow-origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
ETag: CK3+gsS3nvkCEAE=
Content-Length: 13289
Accept-Ranges: bytes
Cache-Control: max-age=604739
Date: Fri, 09 Dec 2022 19:14:41 GMT
Connection: keep-alive
Vary: "Accept-Encoding"
Tracepoint: "Akamai"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6ae43d2f350ebbc5f10ba6627baa4b4
26bbcd77da1c93dae0047394577e48439d704b98
b42b7eb413fbe08a299818725f3343bcd1565b9cfe3fa5d440477ef265c5ba36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B42B7EB413FBE08A299818725F3343BCD1565B9CFE3FA5D440477EF265C5BA36"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2251
Expires: Fri, 09 Dec 2022 19:52:12 GMT
Date: Fri, 09 Dec 2022 19:14:41 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f77a0ab9dc59287c49e551277a3f523e
9bf6d0cb9f4996b3014d70b0aacef0b7cb1bf44f
98541e398292baabf163593cff5a10e4c8709746b628cdee078cf599f51ceb34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 19:14:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 00:00:23 GMT
Expires: Thu, 15 Dec 2022 00:00:22 GMT
Etag: "9bf6d0cb9f4996b3014d70b0aacef0b7cb1bf44f"
Cache-Control: max-age=448540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777010b0fc141c02-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f77a0ab9dc59287c49e551277a3f523e
9bf6d0cb9f4996b3014d70b0aacef0b7cb1bf44f
98541e398292baabf163593cff5a10e4c8709746b628cdee078cf599f51ceb34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 19:14:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 00:00:23 GMT
Expires: Thu, 15 Dec 2022 00:00:22 GMT
Etag: "9bf6d0cb9f4996b3014d70b0aacef0b7cb1bf44f"
Cache-Control: max-age=448540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777010b0f9cc0b65-OSL
cdn03.jotfor.ms/css/styles/payment/payment_feature.css?3.3.37786
104.22.72.81200 OK 4.6 kB URL HTTP/2 cdn03.jotfor.ms/css/styles/payment/payment_feature.css?3.3.37786
IP 104.22.72.81:0
Hash 440adb84b554d3d3b56bb78c645c872c
59faf55123b6520cc28701409ea2f7c83f78479e
14e542b01b9a9cac6f11642910984fee1460d29e4672499e9768c277d1962517
GET /css/styles/payment/payment_feature.css?3.3.37786 HTTP/1.1
Host: cdn03.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f8-55e7"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 175640
server: cloudflare
cf-ray: 777010abebf89914-ARN
X-Firefox-Spdy: h2
app-widgets.jotform.io/termsConditions/?qid=98&ref=https%3A%2F%2Fflexibilitycapital.com&ndt=1&injectCSS=false
35.202.31.6200 OK 865 B URL HTTP/1.1 app-widgets.jotform.io/termsConditions/?qid=98&ref=https%3A%2F%2Fflexibilitycapital.com&ndt=1&injectCSS=false
IP 35.202.31.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c74c27a332a638518daf10edf3ad1b13
80ec4fd52abcdfb5fa50398fe9bb2f7535fa09c8
83ddb50dc2fd6a13f03211a2baedc4e0cb6ca19a471489462f2309aa95e36a0d
GET /termsConditions/?qid=98&ref=https%3A%2F%2Fflexibilitycapital.com&ndt=1&injectCSS=false HTTP/1.1
Host: app-widgets.jotform.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 19:14:41 GMT
Content-Type: text/html
Content-Length: 865
Last-Modified: Mon, 21 Nov 2022 06:59:18 GMT
Connection: close
ETag: "637b21c6-361"
Accept-Ranges: bytes
code.jquery.com/jquery-3.6.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 2c8fb5f779970f005faea6e0f60c7e85
c9b676abdb36ea6ccf133eb7641236a7f53dd815
d14d28eea362f345cb56e1ae1244737768d80bc60dea930f308bde89dfa0c0f1
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-widgets.jotform.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:41 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670613281.dop219.sk1.t,1670613281.cds211.sk1.hn,1670613281.cds206.sk1.c
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=587833451703759&ev=PageView&dl=https%3A%2F%2Fflexibilitycapital.com%2Fmf%2Fquick-apply%3Fs%3Dnbleads&rl=&if=false&ts=1670613280556&sw=1280&sh=1024&v=2.9.89&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.1.1670613280555.368034743&it=1670613280017&coo=false&rqm=GET
157.240.221.35200 OK 1.8 kB URL HTTP/2 www.facebook.com/tr/?id=587833451703759&ev=PageView&dl=https%3A%2F%2Fflexibilitycapital.com%2Fmf%2Fquick-apply%3Fs%3Dnbleads&rl=&if=false&ts=1670613280556&sw=1280&sh=1024&v=2.9.89&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.1.1670613280555.368034743&it=1670613280017&coo=false&rqm=GET
IP 157.240.221.35:0
Hash 2834be533df5180b4bc5a3e25d425859
b935195e842cc174f6a42509475524752de32ece
8863524c1a0e7a7a3e5306b043ef1105348504665a5bf5a497fb2f833791e594
GET /tr/?id=587833451703759&ev=PageView&dl=https%3A%2F%2Fflexibilitycapital.com%2Fmf%2Fquick-apply%3Fs%3Dnbleads&rl=&if=false&ts=1670613280556&sw=1280&sh=1024&v=2.9.89&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.1.1670613280555.368034743&it=1670613280017&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 19:14:41 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6ae43d2f350ebbc5f10ba6627baa4b4
26bbcd77da1c93dae0047394577e48439d704b98
b42b7eb413fbe08a299818725f3343bcd1565b9cfe3fa5d440477ef265c5ba36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B42B7EB413FBE08A299818725F3343BCD1565B9CFE3FA5D440477EF265C5BA36"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2251
Expires: Fri, 09 Dec 2022 19:52:12 GMT
Date: Fri, 09 Dec 2022 19:14:41 GMT
Connection: keep-alive
cdn.weglot.com/weglot_squarespace-8.min.js?api_key=wg_cf00c652c7367b2043f264c01920c3c77
143.204.55.31200 OK 28 kB URL HTTP/2 cdn.weglot.com/weglot_squarespace-8.min.js?api_key=wg_cf00c652c7367b2043f264c01920c3c77
IP 143.204.55.31:0
File type Unicode text, UTF-8 text, with very long lines (65061), with no line terminators
Hash 3fe8403fb88b5ddb8e9dd56da0ee8ed3
fb4fecdc3b6cdc14e319e985a6b555b2cc862add
94a1e9cb5afa1bbc093861871439807ef05506502d8446bdd29d7484e233f710
GET /weglot_squarespace-8.min.js?api_key=wg_cf00c652c7367b2043f264c01920c3c77 HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 09 Dec 2022 13:22:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31104000
last-modified: Fri, 22 Jul 2022 11:31:09 GMT
x-amz-version-id: null
etag: W/"115b387d093d84ca25b5780df5723d3a"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bIDi5AWu7w4OXXJ4qJRt0wYxqjaN6hd3Kgb41LpdqB2t1sxYIZhftA==
age: 21155
X-Firefox-Spdy: h2
app-widgets.jotform.io/termsConditions/min/scripts.min.js?v=6c2b7fae868cffcfcdd30c49a3e4e2c6
35.202.31.6200 OK 3.3 kB URL HTTP/1.1 app-widgets.jotform.io/termsConditions/min/scripts.min.js?v=6c2b7fae868cffcfcdd30c49a3e4e2c6
IP 35.202.31.6:0
File type ASCII text, with very long lines (7564), with no line terminators
Hash 8e50c03b77a2f82f2803e6a1061e5453
021b3d9a9ad935b01ec0e7390ac763b7a5774595
e016032c23a1cfa5d8630783a68b76a2cc0de2afd76fd7d4ea99af7cc1ff9b49
GET /termsConditions/min/scripts.min.js?v=6c2b7fae868cffcfcdd30c49a3e4e2c6 HTTP/1.1
Host: app-widgets.jotform.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-widgets.jotform.io/termsConditions/?qid=99&ref=https%3A%2F%2Fflexibilitycapital.com&ndt=1&injectCSS=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 19:14:42 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 06:59:18 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"637b21c6-1d8c"
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7227d0ed62631324cda23be955c9b2f5
c8222b4c486ba9568e6aa9c905c7e2878c667568
39e92645382ecc5f42c2f53d1bf42a143c680cffcddfbdbf16777eca2b84f331
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 19:14:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:47:39 GMT
Expires: Wed, 14 Dec 2022 23:47:38 GMT
Etag: "c8222b4c486ba9568e6aa9c905c7e2878c667568"
Cache-Control: max-age=447775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777010b66f940b65-OSL
cdn.jotfor.ms//js/errorNavigation.js?v=3.3.37786
104.22.72.81200 OK 2.1 kB URL HTTP/2 cdn.jotfor.ms//js/errorNavigation.js?v=3.3.37786
IP 104.22.72.81:0
Hash 2bd6623b97b97d75d3f802b9240884c9
0c7d57b9a7cdb4a584553970e65729fe534e0401
fef43e3cd1a0deadcd894eaa8098133f23ab2b5704118722eb713e4c6e71f8d6
GET //js/errorNavigation.js?v=3.3.37786 HTTP/1.1
Host: cdn.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f8-16c2"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359179
server: cloudflare
cf-ray: 777010ac5c6d9914-ARN
X-Firefox-Spdy: h2
edge.fullstory.com/s/settings/o-1EQXR1-na1/v1/web
35.201.112.186200 OK 3.8 kB URL HTTP/2 edge.fullstory.com/s/settings/o-1EQXR1-na1/v1/web
IP 35.201.112.186:0
File type JSON data\012- , ASCII text, with very long lines (52247)
Hash 163420a35828948802e347fa9ea4c734
26824a7437810517c812560a702f36aba4ca81b2
40f1d63e5fea7811b5787f74e84494593bb39a84602765027068dfc16a751c51
GET /s/settings/o-1EQXR1-na1/v1/web HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsf0ojJzpj1KSB82C0ZUEtf-nGYF3Uavs_HXnLg0bZyhdZ0Kj01ipRA3W2y34n6cdrxgLiXgRbJvIvVXhQpNSGeXA
x-goog-generation: 1670605385646677
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3775
content-encoding: gzip
x-goog-hash: crc32c=VDKXqg==, md5=FjQgo1golIgC40f6nqTHNA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 3775
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 09 Dec 2022 19:05:07 GMT
expires: Fri, 09 Dec 2022 19:20:07 GMT
cache-control: public,max-age=900,no-transform
age: 575
last-modified: Fri, 09 Dec 2022 17:03:05 GMT
etag: "163420a35828948802e347fa9ea4c734"
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
app-widgets.jotform.io/termsConditions/img/minimal.png
35.202.31.6200 OK 1.1 kB URL HTTP/1.1 app-widgets.jotform.io/termsConditions/img/minimal.png
IP 35.202.31.6:0
File type PNG image data, 200 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5374dd98e677fe8171af180e2cd70fe2
afc5a9079dfab56dc21c16655f8c7ddb5ec45c99
2ec52d6497f27f697e161200fcc0dae3c20ba11c3322d2e2e9d0ad19355ea298
GET /termsConditions/img/minimal.png HTTP/1.1
Host: app-widgets.jotform.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-widgets.jotform.io/termsConditions/min/styles.min.css?v=6c2b7fae868cffcfcdd30c49a3e4e2c6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 19:14:42 GMT
Content-Type: image/png
Content-Length: 1114
Last-Modified: Tue, 07 Dec 2021 12:05:54 GMT
Connection: close
ETag: "61af4e22-45a"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7227d0ed62631324cda23be955c9b2f5
c8222b4c486ba9568e6aa9c905c7e2878c667568
39e92645382ecc5f42c2f53d1bf42a143c680cffcddfbdbf16777eca2b84f331
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 19:14:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 23:47:39 GMT
Expires: Wed, 14 Dec 2022 23:47:38 GMT
Etag: "c8222b4c486ba9568e6aa9c905c7e2878c667568"
Cache-Control: max-age=447775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 777010b7c8f10b65-OSL
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 20491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn01.jotfor.ms/js/vendor/maskedinput.min.js?v=3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn01.jotfor.ms/js/vendor/maskedinput.min.js?v=3.3.37786
IP 104.22.72.81:0
GET /js/vendor/maskedinput.min.js?v=3.3.37786 HTTP/1.1
Host: cdn01.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:17 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f9-16e80"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359132
server: cloudflare
cf-ray: 777010abdbe49914-ARN
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-vendors-6fa50369cb7cdafa7a8e2-min.en-US.js
151.101.0.237200 OK 0 B URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/common-vendors-6fa50369cb7cdafa7a8e2-min.en-US.js
IP 151.101.0.237:0
GET /universal/scripts-compressed/common-vendors-6fa50369cb7cdafa7a8e2-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 08 Dec 2023 18:28:27 GMT
last-modified: Thu, 08 Dec 2022 18:01:47 GMT
etag: "bfce3522d9091e54a31e342fbb184bcc"
content-type: text/javascript
content-encoding: br
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 Dec 2022 19:14:39 GMT
age: 89172
x-served-by: cache-iad-kcgs7200082-IAD, cache-bma1655-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3674
x-timer: S1670613280.652641,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-length: 165590
X-Firefox-Spdy: h2
cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?themeRevisionID=5f7ed99c2c2c7240ba580251
104.22.72.81200 OK 0 B URL HTTP/2 cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?themeRevisionID=5f7ed99c2c2c7240ba580251
IP 104.22.72.81:0
GET /themes/CSS/5e6b428acc8c4e222d1beb91.css?themeRevisionID=5f7ed99c2c2c7240ba580251 HTTP/1.1
Host: cdn01.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Wed, 30 Nov 2022 08:49:21 GMT
cache-control: max-age=3600
pragma: no-cache
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
x-form-cache: MISS-APP
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 815119
server: cloudflare
cf-ray: 777010ac5c719914-ARN
X-Firefox-Spdy: h2
cdn02.jotfor.ms/static/jotform.forms.js?3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn02.jotfor.ms/static/jotform.forms.js?3.3.37786
IP 104.22.72.81:0
GET /static/jotform.forms.js?3.3.37786 HTTP/1.1
Host: cdn02.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Mon, 05 Dec 2022 15:24:51 GMT
vary: Accept-Encoding
etag: W/"638e0d43-886c8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359204
server: cloudflare
cf-ray: 777010ac58531685-ARN
X-Firefox-Spdy: h2
cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2
104.22.72.81200 OK 0 B URL HTTP/2 cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2
IP 104.22.72.81:0
GET /fonts/inter/fonts/Inter-Regular.woff2 HTTP/1.1
Host: cdn.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://cdn01.jotfor.ms/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:41 GMT
content-type: text/html
last-modified: Wed, 07 Dec 2022 07:51:17 GMT
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: HIT
age: 89730
server: cloudflare
cf-ray: 777010aedf4b9914-ARN
X-Firefox-Spdy: h2
service-reviews-ultimate.elfsight.com/data/reviews?uris%5B%5D=ChIJ90zT5VRYwokR3mkAW9hHQog&with_text_only=1&min_rating=5&page_length=100&order=date
104.26.6.107200 OK 0 B URL HTTP/2 service-reviews-ultimate.elfsight.com/data/reviews?uris%5B%5D=ChIJ90zT5VRYwokR3mkAW9hHQog&with_text_only=1&min_rating=5&page_length=100&order=date
IP 104.26.6.107:0
GET /data/reviews?uris%5B%5D=ChIJ90zT5VRYwokR3mkAW9hHQog&with_text_only=1&min_rating=5&page_length=100&order=date HTTP/1.1
Host: service-reviews-ultimate.elfsight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flexibilitycapital.com/
Origin: https://flexibilitycapital.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:42 GMT
content-type: application/json
cf-ray: 777010b55b2b1bfe-OSL
access-control-allow-origin: https://flexibilitycapital.com
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYNXaswtRL9BlMyI7k6bRPeAQ0QJ6MipH3IgQ9GSH3YTdOYBv8oO5VpWZopVzw5YxZfL93xaIxpc%2FLuvgZsgLtP1Y6TpTk1rrOh99QI3qhpKa4%2F9kBnd%2FhqzNNgF8gaD5YdiedWwFmqq68wrA1K0%2F3kvfhLYzAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.weglot.com/projects-settings/cf00c652c7367b2043f264c01920c3c77.json
143.204.55.31200 OK 0 B URL HTTP/2 cdn.weglot.com/projects-settings/cf00c652c7367b2043f264c01920c3c77.json
IP 143.204.55.31:0
GET /projects-settings/cf00c652c7367b2043f264c01920c3c77.json HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flexibilitycapital.com/
Origin: https://flexibilitycapital.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 09 Dec 2022 13:22:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 29 Jul 2022 17:29:50 GMT
x-amz-version-id: null
etag: W/"e5d6f58208451cc90582ef12272c46c3"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Tw9gCCzcxqwVW2eex_LVZwxRv_YUPFtOB8CxAoPqpk6NRF6MOspLBw==
age: 21154
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58200 OK 0 B URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 407
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://flexibilitycapital.com
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 09 Dec 2022 19:14:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jotfor.ms/wizards/languageWizard/custom-dropdown/css/lang-dd.css?3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn.jotfor.ms/wizards/languageWizard/custom-dropdown/css/lang-dd.css?3.3.37786
IP 104.22.72.81:0
GET /wizards/languageWizard/custom-dropdown/css/lang-dd.css?3.3.37786 HTTP/1.1
Host: cdn.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 12:22:18 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61fa-4069"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359251
server: cloudflare
cf-ray: 777010ac1c279914-ARN
X-Firefox-Spdy: h2
cdn.jotfor.ms//js/vendor/smoothscroll.min.js?v=3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn.jotfor.ms//js/vendor/smoothscroll.min.js?v=3.3.37786
IP 104.22.72.81:0
GET //js/vendor/smoothscroll.min.js?v=3.3.37786 HTTP/1.1
Host: cdn.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:17 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f9-13c0"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359179
server: cloudflare
cf-ray: 777010ac5c729914-ARN
X-Firefox-Spdy: h2
www.datadoghq-browser-agent.com/datadog-logs-v4.js
54.230.217.110200 OK 0 B URL HTTP/2 www.datadoghq-browser-agent.com/datadog-logs-v4.js
IP 54.230.217.110:0
GET /datadog-logs-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 09:54:58 GMT
server: AmazonS3
content-encoding: br
date: Fri, 09 Dec 2022 19:14:21 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"cfa0c32c6bb26d3a1a92887dd5939579"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dFy8pMeYBthW6FtkobbvCdjUHaeRT-tld60Ru5JKfM7PASJWU68F6A==
age: 27
timing-allow-origin: *
X-Firefox-Spdy: h2
submit.jotform.co/server.php?action=getFormTranslations&formID=222364711945154&langCode=en
35.201.118.58200 OK 0 B URL HTTP/2 submit.jotform.co/server.php?action=getFormTranslations&formID=222364711945154&langCode=en
IP 35.201.118.58:0
GET /server.php?action=getFormTranslations&formID=222364711945154&langCode=en HTTP/1.1
Host: submit.jotform.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.7
Origin: https://flexibilitycapital.com
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 19:14:42 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Fri, 09 Dec 2022 19:14:42 GMT
cache-control: no-cache
pragma: no-cache
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
access-control-allow-origin: *
access-control-request-method: POST, OPTIONS, GET
access-control-allow-headers: X-Requested-With, X-Prototype-Version
access-control-expose-headers: Content-Length, X-JSON
x-form-cache: MISS-APP
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn02.jotfor.ms/js/vendor/jquery.maskedinput.min.js?v=3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn02.jotfor.ms/js/vendor/jquery.maskedinput.min.js?v=3.3.37786
IP 104.22.72.81:0
GET /js/vendor/jquery.maskedinput.min.js?v=3.3.37786 HTTP/1.1
Host: cdn02.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:17 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f9-1124"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359132
server: cloudflare
cf-ray: 777010abdff61685-ARN
X-Firefox-Spdy: h2
cdn02.jotfor.ms/css/styles/payment/payment_styles.css?3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn02.jotfor.ms/css/styles/payment/payment_styles.css?3.3.37786
IP 104.22.72.81:0
GET /css/styles/payment/payment_styles.css?3.3.37786 HTTP/1.1
Host: cdn02.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f8-10973"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359179
server: cloudflare
cf-ray: 777010ac18211685-ARN
X-Firefox-Spdy: h2
cdn03.jotfor.ms/js/vendor/math-processor.js?v=3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn03.jotfor.ms/js/vendor/math-processor.js?v=3.3.37786
IP 104.22.72.81:0
GET /js/vendor/math-processor.js?v=3.3.37786 HTTP/1.1
Host: cdn03.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:17 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f9-e5f"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 358906
server: cloudflare
cf-ray: 777010ac3c4a9914-ARN
X-Firefox-Spdy: h2
cdn.jotfor.ms/js/formTranslation.v2.js?3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn.jotfor.ms/js/formTranslation.v2.js?3.3.37786
IP 104.22.72.81:0
GET /js/formTranslation.v2.js?3.3.37786 HTTP/1.1
Host: cdn.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f8-e713"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359251
server: cloudflare
cf-ray: 777010ac4c679914-ARN
X-Firefox-Spdy: h2
cdn01.jotfor.ms/static/prototype.forms.js?3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn01.jotfor.ms/static/prototype.forms.js?3.3.37786
IP 104.22.72.81:0
GET /static/prototype.forms.js?3.3.37786 HTTP/1.1
Host: cdn01.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Mon, 05 Dec 2022 15:24:51 GMT
vary: Accept-Encoding
etag: W/"638e0d43-1f932"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 359204
server: cloudflare
cf-ray: 777010ac5c6a9914-ARN
X-Firefox-Spdy: h2
cdn03.jotfor.ms/js/vendor/jquery-1.8.0.min.js?v=3.3.37786
104.22.72.81200 OK 0 B URL HTTP/2 cdn03.jotfor.ms/js/vendor/jquery-1.8.0.min.js?v=3.3.37786
IP 104.22.72.81:0
GET /js/vendor/jquery-1.8.0.min.js?v=3.3.37786 HTTP/1.1
Host: cdn03.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Thu, 24 Nov 2022 12:22:17 GMT
vary: Accept-Encoding
x-static: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT
etag: W/"637f61f9-16633"
cache-control: max-age=3600
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 358994
server: cloudflare
cf-ray: 777010ac5c819914-ARN
X-Firefox-Spdy: h2
js.jotform.com/vendor/postMessage.js?3.3.37786
104.23.133.11200 OK 0 B URL HTTP/2 js.jotform.com/vendor/postMessage.js?3.3.37786
IP 104.23.133.11:0
GET /vendor/postMessage.js?3.3.37786 HTTP/1.1
Host: js.jotform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:40 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Feb 2022 10:51:54 GMT
vary: Accept-Encoding
etag: W/"61fa624a-16bd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-static: 1
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 777010ac2b21b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.weglot.com/weglot.min.css?v=4
143.204.55.31200 OK 0 B URL HTTP/2 cdn.weglot.com/weglot.min.css?v=4
IP 143.204.55.31:0
GET /weglot.min.css?v=4 HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flexibilitycapital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Thu, 01 Dec 2022 11:52:42 GMT
cache-control: max-age=2592000
last-modified: Wed, 30 Nov 2022 11:42:00 GMT
x-amz-version-id: null
etag: W/"b72cdd8118949f04803d561712cf0c5e"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aUJMQbNYjvEXTuXjg2WUzAudKfn0hdXlZdU6yK2-e0reCYMQ6JY1_Q==
age: 717720
X-Firefox-Spdy: h2
service-reviews-ultimate.elfsight.com/data/sources?uris%5B%5D=ChIJ90zT5VRYwokR3mkAW9hHQog
104.26.6.107200 OK 0 B URL HTTP/2 service-reviews-ultimate.elfsight.com/data/sources?uris%5B%5D=ChIJ90zT5VRYwokR3mkAW9hHQog
IP 104.26.6.107:0
GET /data/sources?uris%5B%5D=ChIJ90zT5VRYwokR3mkAW9hHQog HTTP/1.1
Host: service-reviews-ultimate.elfsight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flexibilitycapital.com/
Origin: https://flexibilitycapital.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:42 GMT
content-type: application/json
cf-ray: 777010b55b281bfe-OSL
access-control-allow-origin: https://flexibilitycapital.com
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCM8T%2Fe4%2BY%2FbgZO8nnZWaaYGW126ChLGIeo7yAW5AYKBbila%2BWXi8YsMMxNEWOnUec1iPTGofwqVeTOmSVUTrlW4mUESIUhBZPftNkW3gfg9OMU60xhBXGgI9NwfKAU5hOuqgrRX2juiKLMlgHjKWc2bPZpNMG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jotfor.ms/themes/CSS/defaultV2.css
104.22.72.81200 OK 0 B URL HTTP/2 cdn.jotfor.ms/themes/CSS/defaultV2.css
IP 104.22.72.81:0
GET /themes/CSS/defaultV2.css HTTP/1.1
Host: cdn.jotfor.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-widgets.jotform.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 19:14:42 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Wed, 30 Nov 2022 08:49:58 GMT
cache-control: max-age=3600
pragma: no-cache
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
x-form-cache: MISS-APP
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 815084
server: cloudflare
cf-ray: 777010b739559914-ARN
X-Firefox-Spdy: h2