r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Tue, 31 Jan 2023 21:14:09 GMT
Date: Tue, 31 Jan 2023 20:09:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3468
Expires: Tue, 31 Jan 2023 21:06:58 GMT
Date: Tue, 31 Jan 2023 20:09:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 19:43:19 GMT
content-type: application/json
age: 1551
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7087
Expires: Tue, 31 Jan 2023 22:07:17 GMT
Date: Tue, 31 Jan 2023 20:09:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q+axOKQjV6XE65Nod/C3P8uCHWpvsTkfydibVlKWVblM4/zbS2IJH47Ewwq26iupyMn3to4MQL4t9vhJxtTK7w==
x-amz-request-id: METXXSFZ0A4TG892
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 19:22:20 GMT
age: 2810
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:09:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
intuit.connect.com.do/?TRANSACTION_ID=Nx5D-2BL7321DQ
104.21.45.113301 Moved Permanently 162 B URL HTTP/1.1 intuit.connect.com.do/?TRANSACTION_ID=Nx5D-2BL7321DQ
IP 104.21.45.113:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /?TRANSACTION_ID=Nx5D-2BL7321DQ HTTP/1.1
Host: intuit.connect.com.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 20:09:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://intuit.connect.com.do/?TRANSACTION_ID=Nx5D-2BL7321DQ
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVEBuZvvR0R19B0iMJCHYhM8ZLM16icQys1osuy9Bwe%2FBLxzj5mnW9n7KwTlU7eZw0BFnU3wVBjz62LEaxEdnuXmh2T%2BH7r%2F1eiW69RN2vCDodcoIylxqojzCX%2FRfvLH0pz0%2FMMQBGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 792515618edab512-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d84a37f05265147e32be140935dee74e
a78a852ee13a81c244e3e9f9580faaa78c32a124
3d2875e9fee681f3669b7be9d091cf540437d1d279f855166ad58029a4be93cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D2875E9FEE681F3669B7BE9D091CF540437D1D279F855166AD58029A4BE93CF"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Feb 2023 02:09:11 GMT
Date: Tue, 31 Jan 2023 20:09:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 19:41:42 GMT
age: 1649
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21504
Expires: Wed, 01 Feb 2023 02:07:35 GMT
Date: Tue, 31 Jan 2023 20:09:11 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EKIIyEmpdxWt96aGPUB1Lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: P4YuDsYs0FYanmiWN5MikWDg2rY=
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d84a37f05265147e32be140935dee74e
a78a852ee13a81c244e3e9f9580faaa78c32a124
3d2875e9fee681f3669b7be9d091cf540437d1d279f855166ad58029a4be93cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D2875E9FEE681F3669B7BE9D091CF540437D1D279F855166AD58029A4BE93CF"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Wed, 01 Feb 2023 02:09:11 GMT
Date: Tue, 31 Jan 2023 20:09:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-11006105&l=dataLayer&cx=c
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-11006105&l=dataLayer&cx=c
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 364f78091edd93e8e60085bcfae03b96
c2805e98e97b0c4555e68da3014be2e97feb480f
79d638e54cfa05a426df6bc34a44726a245fceeff1f41b77391a1326524fcc58
GET /gtag/js?id=DC-11006105&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 20:09:12 GMT
expires: Tue, 31 Jan 2023 20:09:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 18:21:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9540830&l=dataLayer&cx=c
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9540830&l=dataLayer&cx=c
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 1afa9dc1c00a8fe35901fc09a996a9e5
703e2ca2b33ac74a8a8a50cc837b27065e8db9ca
5eab664f9c90b4b7aa469aa822586265455236c2ab2538be7f31eaf973b59706
GET /gtag/js?id=DC-9540830&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 20:09:12 GMT
expires: Tue, 31 Jan 2023 20:09:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 18:21:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-951424056&l=dataLayer&cx=c
142.250.74.40200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-951424056&l=dataLayer&cx=c
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 0f71b1819c4a2eda88d6dc996f4191a0
4bfb13df780325bf3d4da38403c91fc8db710a67
abd997bcca6b25f64cce66e4f7bea18fb9f68c5a9ec33f20b478cad6b18c3d0e
GET /gtag/js?id=AW-951424056&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 20:09:12 GMT
expires: Tue, 31 Jan 2023 20:09:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 18:21:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-1030811807
142.250.74.40200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1030811807
IP 142.250.74.40:0
File type ASCII text, with very long lines (2918)
Hash 5327f2d1c9a56136e8f3a8784cb327a2
31aacb8fbe98a3e24f94da9af195a673b9f4b250
852450f7997de0268409f4669f069ea6d4d1e10d6e95d7ddc377cf55c9830d7b
GET /gtag/js?id=AW-1030811807 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 20:09:12 GMT
expires: Tue, 31 Jan 2023 20:09:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 31 Jan 2023 18:21:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64913
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uxfabric.intuitcdn.net/gdpr-widget/2.4.10/gdpr-widget-fr-fr.js
54.230.111.98200 OK 66 kB URL HTTP/2 uxfabric.intuitcdn.net/gdpr-widget/2.4.10/gdpr-widget-fr-fr.js
IP 54.230.111.98:0
File type Unicode text, UTF-8 text, with very long lines (65453), with no line terminators
Hash 88321c79590224cd0b54abc81673fae0
7ff1a21307c7a2822ed70e47ef0f12012b3cf070
55c764ea98eb40f4b1f45831815486a6b97a45c2348905978358f46a11a48208
GET /gdpr-widget/2.4.10/gdpr-widget-fr-fr.js HTTP/1.1
Host: uxfabric.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 65924
date: Thu, 19 Jan 2023 04:37:35 GMT
last-modified: Tue, 26 Oct 2021 14:44:17 GMT
etag: "88321c79590224cd0b54abc81673fae0"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-meta-version: 2.4.10
x-amz-meta-module: @sbgm/gdpr-widget
x-amz-meta-type: unknown
x-amz-meta-slug: gdpr-widget/2.4.10
x-amz-meta-id: gdpr-widget
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
cache-control: public, max-age=31536000, immutable
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KvUeQmhfBoxrU2ySWmnPtUF1nnz5tFPICg0UlIQ4O8MG5WO3Mnqfjg==
age: 1092698
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a020dc4392d21164975708fee48e1684
0ea0a6d85ab6c7f6c06c80bf92c075206aa7dc6f
0a6c07226a29124e2f8df1ca0ada8ed002902dce9b34d82bfb6505d72effc592
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2187
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Etag: "63d87eb9-1d7"
Last-Modified: Tue, 31 Jan 2023 19:32:45 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a020dc4392d21164975708fee48e1684
0ea0a6d85ab6c7f6c06c80bf92c075206aa7dc6f
0a6c07226a29124e2f8df1ca0ada8ed002902dce9b34d82bfb6505d72effc592
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Etag: "63d87eb9-1d7"
Server: ECS (amb/6BC5)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a020dc4392d21164975708fee48e1684
0ea0a6d85ab6c7f6c06c80bf92c075206aa7dc6f
0a6c07226a29124e2f8df1ca0ada8ed002902dce9b34d82bfb6505d72effc592
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=109649
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Etag: "63d87eb9-1d7"
Expires: Thu, 02 Feb 2023 02:36:41 GMT
Last-Modified: Tue, 31 Jan 2023 02:36:41 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ce69a808b38e78057255d1f67ec3ca92
9eef4657d47231ac6ed4e7e1e1cca18c03ab5683
f527d48f14a81e9e42060a9d4167b37c2febd9c46a576e68c4329a22059c2304
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F527D48F14A81E9E42060A9D4167B37C2FEBD9C46A576E68C4329A22059C2304"
Last-Modified: Mon, 30 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Tue, 31 Jan 2023 22:45:45 GMT
Date: Tue, 31 Jan 2023 20:09:12 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 377aa97f780c5dea61169e5bdd375286
23eeeea5ead99f39bb0630a28d9504d75d8b7ad9
c232418579a451791033c24421432396adf802df4e5c9fb094c7f8c434fde63e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C232418579A451791033C24421432396ADF802DF4E5C9FB094C7F8C434FDE63E"
Last-Modified: Tue, 31 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Tue, 31 Jan 2023 22:46:57 GMT
Date: Tue, 31 Jan 2023 20:09:12 GMT
Connection: keep-alive
quickbooks-2.leadsmonitor.io/lm.js
178.33.237.231200 OK 1.0 kB URL HTTP/1.1 quickbooks-2.leadsmonitor.io/lm.js
IP 178.33.237.231:0
File type ASCII text, with CRLF line terminators
Hash d5129b01a1a8975ba620a56ffc257b4e
6a11459c0341fe55cb2cd35c607cc76be91abead
0ebcb1bc925e3716712bc4ec3c613d0aac6f280599f6fa036c4f2a8503f01ef7
GET /lm.js HTTP/1.1
Host: quickbooks-2.leadsmonitor.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Nov 2021 11:36:38 GMT
ETag: "bc1-5d19b633fe8ff-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1013
Connection: close
Content-Type: application/javascript
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 640182cd88bc062aa6aa7b685bb08771
2416b3be92b631d41d85b9c17e2a82996f490ebe
38a65f94d5b637f637f2339190671917ae2c665b85e08a3dedd380aaa9a23508
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38A65F94D5B637F637F2339190671917AE2C665B85E08A3DEDD380AAA9A23508"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Feb 2023 02:09:12 GMT
Date: Tue, 31 Jan 2023 20:09:12 GMT
Connection: keep-alive
quickbooks-1.leadsmonitor.io/track.js
152.228.220.47200 OK 873 B URL HTTP/1.1 quickbooks-1.leadsmonitor.io/track.js
IP 152.228.220.47:0
Hash 90eefcde5bcd8ab4388b7bf507dd0140
00582b4b9a58c9d2b8f89432bbccea3b426570f9
ca4be8e6e2afd537131fd99abd10e9966a9901f753afac06978bc7feadd2009a
GET /track.js HTTP/1.1
Host: quickbooks-1.leadsmonitor.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 09 Dec 2021 13:38:32 GMT
ETag: "b3e-5d2b6b8f63d1d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 873
Connection: close
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 129d42cb5b00871dbd48139cf540ad68
938e48854b04e91663cfca20f2eeb0873a7ac5ad
7b12028a3934e2e97df861751a51380cc9ea11937d43d20ab618c70d3416929d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Etag: "63d796b2-1d7"
Server: ECS (amb/6BA4)
Content-Length: 471
quickbooks-2.leadsmonitor.io/track.js
178.33.237.231200 OK 884 B URL HTTP/1.1 quickbooks-2.leadsmonitor.io/track.js
IP 178.33.237.231:0
File type ASCII text, with CRLF line terminators
Hash 7c48052381fb887904441d0d2ad64d67
36bac4a1276b929b93cf5526636dbebab3d5e5ba
8568d31fae271002f6f29b498465e2888a13e657eaf8910721c61bda97d10d5e
GET /track.js HTTP/1.1
Host: quickbooks-2.leadsmonitor.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 25 Nov 2021 11:36:57 GMT
ETag: "b8b-5d19b64562adf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 884
Connection: close
Content-Type: application/javascript
quickbooks.intuit.com/qbmds-components/scripts/third-party/decibel/13878/337541/di-1.0.0.js
184.86.49.159200 OK 56 kB URL HTTP/2 quickbooks.intuit.com/qbmds-components/scripts/third-party/decibel/13878/337541/di-1.0.0.js
IP 184.86.49.159:0
File type ASCII text, with very long lines (32009)
Hash b87a207b9b340458c182db132920adee
2d8ce87961e78149b6aa13267ef54b632d84ad3a
0d13a39163b6be92f42d470faa0a56a24f9c525ae3a89ee76907003444e715c8
GET /qbmds-components/scripts/third-party/decibel/13878/337541/di-1.0.0.js HTTP/1.1
Host: quickbooks.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 11 Aug 2021 19:29:49 GMT
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
etag: W/"76557cf99de5cfa3b35d91f3c225ca80"
vary: Accept-Encoding
x-amz-cf-pop: DFW56-P8
x-amz-cf-id: tdqhvtA33rpkq2UO4MV2CTxPA_5sIzRI983FM_EHWa_tTzdH1pTAYg==
content-length: 56516
cache-control: max-age=687
date: Tue, 31 Jan 2023 20:09:12 GMT
set-cookie: akid=gip184.86.49.159_gsip23.73.5.142_clip91.90.42.154_rclip91.90.42.154; path=/; domain=.intuit.com
AKES_GEO=NO~; path=/; domain=.intuit.com; secure
x-rl: Trail
x-frame-options: SAMEORIGIN
x-org: WP_GUT_QBMDS_COMPONENTS
content-security-policy: frame-ancestors 'self' *.intuit.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2
afp.intuit.com/r37n5l71uapuli5z.js?6ld84c5zoe476r7f=v60nf4oj&2hhir8frumh2i7km=EEFC0EB43129486EE9181B4214BB4BDE
91.235.133.106200 OK 13 kB URL HTTP/1.1 afp.intuit.com/r37n5l71uapuli5z.js?6ld84c5zoe476r7f=v60nf4oj&2hhir8frumh2i7km=EEFC0EB43129486EE9181B4214BB4BDE
IP 91.235.133.106:0
File type ASCII text, with very long lines (15506)
Hash 4f6605c62591c0d6a4a86d8a40d13aff
d893b3017d81b027ed906a9fff40d87641efc3e7
ce3181e9271a5ca7b5917d63f5e0852fb199447c3431bb57ae4a1c6454aca6e9
GET /r37n5l71uapuli5z.js?6ld84c5zoe476r7f=v60nf4oj&2hhir8frumh2i7km=EEFC0EB43129486EE9181B4214BB4BDE HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:12 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Set-Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
accounts.intuit.com/IUS-Plugins/v2/scripts/fr_fr/ius-core.js
104.110.25.45200 OK 254 kB URL HTTP/2 accounts.intuit.com/IUS-Plugins/v2/scripts/fr_fr/ius-core.js
IP 104.110.25.45:0
File type ASCII text, with very long lines (65470)
Size 254 kB (254023 bytes)
Hash f8d3b0fed740cd0ef65354fe9bd64e36
6b3d86ba84956efb75b8a94c1ca55a957b025fd3
9db6ee5b1180d3ef2abda1b489caf44cc62546382bea7d5be15b38587d9b35ab
GET /IUS-Plugins/v2/scripts/fr_fr/ius-core.js HTTP/1.1
Host: accounts.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Jan 2023 22:10:15 GMT
etag: W/"604194726b00aec24b13963ececaa295"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.392.6-apr.3800.b.4
x-amz-meta-module: identity-authn-core-ui
x-amz-meta-type: plugin
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3800.b.4
x-amz-meta-id: identity-authn-core-ui
server: AmazonS3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-cf-pop: ORD53-C3
x-amz-cf-id: HgOztWWCk5Oy22gXWydMOmhHYwgT-G2YHRzLFRd8Bq_xsPwt5KVUQw==
timing-allow-origin: *, *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
x-origin-src: uxf
content-encoding: br
content-length: 254023
expires: Tue, 31 Jan 2023 20:09:12 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 31 Jan 2023 20:09:12 GMT
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=52, origin; dur=12
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9503c526755fe1320c8413a74d6d9b89
28dfdc7f4423ace079b484eaab207fc05b0da0a9
ccdccadb47bd195782085043e9a5454cf631c3927b3da8ff3d6ea034b2a4ec6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: max-age=143431
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Etag: "63d8ec82-1d7"
Expires: Thu, 02 Feb 2023 11:59:43 GMT
Last-Modified: Tue, 31 Jan 2023 10:25:06 GMT
Server: ECS (amb/6BC5)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba0a5a019f68de808d546b25f5f1afd9
33c3d1972b2d517029bab1e749ee1374300491d9
edfd8175f0da704eb77840543eb2913a223a94107e3c4adb2bf30b8bda9fe991
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5501
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Last-Modified: Tue, 31 Jan 2023 18:37:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&ts=1675195770843
34.255.210.6302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&ts=1675195770843
IP 34.255.210.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&ts=1675195770843 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://intuit.connect.com.do
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0687cfe76.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&ts=1675195770843
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=02128012751734229432296454843705078639; Max-Age=15552000; Expires=Sun, 30 Jul 2023 20:09:12 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: ko3rFfjOQwA=
Content-Length: 0
Connection: keep-alive
cdn.websdk.intuit.com/js/cdc_lib_min_1.10.12.js
54.230.111.31200 OK 27 kB URL HTTP/2 cdn.websdk.intuit.com/js/cdc_lib_min_1.10.12.js
IP 54.230.111.31:0
File type ASCII text, with very long lines (65456)
Hash d0a2eed9c1241f190932551809e886ed
522adededb032b80628ac50491e142b28495f2cb
fe6f34a11415c88144ee80b6219db184fc9a030b6ca0cadeb30e2dda7e480921
GET /js/cdc_lib_min_1.10.12.js HTTP/1.1
Host: cdn.websdk.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 30 Jan 2023 22:05:52 GMT
last-modified: Wed, 22 Jan 2020 22:51:33 GMT
etag: W/"055b08a6722d6a5c74bce4faaf7362c6"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 79luA5BKiOUA5KLxMjRkslV93MJXNw73IOA3sQ-TvOLz2su5kxpu2w==
age: 79401
X-Firefox-Spdy: h2
accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
104.110.25.45200 OK 254 kB URL HTTP/2 accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
IP 104.110.25.45:0
File type ASCII text, with very long lines (65470)
Size 254 kB (254023 bytes)
Hash f8d3b0fed740cd0ef65354fe9bd64e36
6b3d86ba84956efb75b8a94c1ca55a957b025fd3
9db6ee5b1180d3ef2abda1b489caf44cc62546382bea7d5be15b38587d9b35ab
GET /IUS-Plugins/v2/scripts/en_us/ius-core.js HTTP/1.1
Host: accounts.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Jan 2023 21:00:30 GMT
etag: W/"604194726b00aec24b13963ececaa295"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.392.6-apr.3800.b.4
x-amz-meta-module: identity-authn-core-ui
x-amz-meta-type: plugin
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3800.b.4
x-amz-meta-id: identity-authn-core-ui
server: AmazonS3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD79-C1
x-amz-cf-id: pMNOhxiHXhjmFBN4JxIXTGHHQSQFcRssptO1BfBAeZtfTlQa1GqkHQ==
timing-allow-origin: *, *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
x-origin-src: uxf
vary: Accept-Encoding
content-encoding: br
expires: Tue, 31 Jan 2023 20:09:12 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 254023
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.65.js?utv=ut4.47.202203101830
2.18.173.203200 OK 3.1 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.65.js?utv=ut4.47.202203101830
IP 2.18.173.203:0
File type ASCII text, with very long lines (1152)
Hash 63528bafa6af627de0abce56d8afb00d
518027b602b04d4044c7ebcb0fb4f196c1a4c70d
eef3aa10b5d7118425c9d71ed0b48784061b00b85d60d3a5c71f9b2630a892b5
GET /utag/intuit/sbseg-fr/prod/utag.65.js?utv=ut4.47.202203101830 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "418472244f0f2c52122e4fa2c1eb9901:1646937013.137165"
last-modified: Thu, 10 Mar 2022 18:30:13 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 20:09:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 3114
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.17.js?utv=ut4.47.202106081804
2.18.173.203200 OK 4.3 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.17.js?utv=ut4.47.202106081804
IP 2.18.173.203:0
Hash 67bb63e76195b3d406c1017d6c54b07a
bf05ee55fec46a17dd0c562fef10e69f6e65ca61
37b3ddbd2daf60f3b002b13d6f2208a93b2396a41f1f299b978b745a4b21df73
GET /utag/intuit/sbseg-fr/prod/utag.17.js?utv=ut4.47.202106081804 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "555ddce2558a926bad4b6631200a2470:1623175456.056651"
last-modified: Tue, 08 Jun 2021 18:04:16 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 20:09:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 3888
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.47.js?utv=ut4.47.202205091441
2.18.173.203200 OK 1.6 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.47.js?utv=ut4.47.202205091441
IP 2.18.173.203:0
File type ASCII text, with very long lines (995)
Hash 0277afd12496913ec739024b48a2cd6d
c8734c1fb1e9c02cb024375eecb7a35cffaac253
1d5663c652b2e905d7b1d395311ccae6285bd2e6da295116d13827d9eb14f9f4
GET /utag/intuit/sbseg-fr/prod/utag.47.js?utv=ut4.47.202205091441 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "73381be202599679e00814df305147ed:1652107332.35827"
last-modified: Mon, 09 May 2022 14:42:12 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 20:09:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 1632
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.62.js?utv=ut4.47.202202071702
2.18.173.203200 OK 3.4 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.62.js?utv=ut4.47.202202071702
IP 2.18.173.203:0
File type ASCII text, with very long lines (3334)
Hash 4af7b1b7195f65335c5002068f02494a
d4638839bac51081100dd4a9d74daef9cc836925
3da76d973f20723ba800a1244768b53810dee9693223f49251103d89cbd34cad
GET /utag/intuit/sbseg-fr/prod/utag.62.js?utv=ut4.47.202202071702 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7e82c98af52aa011e6a09999bfabd35b:1644253335.297915"
last-modified: Mon, 07 Feb 2022 17:02:15 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 20:09:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 3350
X-Firefox-Spdy: h2
uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib.min.js
54.230.111.98200 OK 70 kB URL HTTP/2 uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib.min.js
IP 54.230.111.98:0
File type ASCII text, with very long lines (65459)
Hash dbd7bb3c9964930f53f9ff4256fd4a58
a5996db0fa1a318514ba6021c0a5af07c0a389d1
f8db826bc31b89bacdd5767971f4e4f938d9dc205f1cee2ac8009a8fa264bacb
GET /analytics/202209072322/track-event-lib.min.js HTTP/1.1
Host: uxfabric.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 02:23:56 GMT
last-modified: Wed, 07 Sep 2022 23:29:23 GMT
etag: W/"bc8aa798bd0ae8abef51b6ba5e4f36a4"
x-amz-storage-class: INTELLIGENT_TIERING
server: AmazonS3
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YNcIyAAKYRCp_wfQSWPmIfvvYIRdNbnm0HQyFMWVTcEs1I7yFR0VYw==
age: 1187117
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.73.js?utv=ut4.47.202211171940
2.18.173.203200 OK 7.1 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.73.js?utv=ut4.47.202211171940
IP 2.18.173.203:0
File type ASCII text, with very long lines (2654)
Hash 83c4e033c4dfd2f48336b92708d61155
eabd8a4e452bf0abe8dcd7ac6c73ecfa234ca4a6
f461121199a4ae0be2f4dac693d1f34f3dd54e501f6ac421ee6234f48d2befcb
GET /utag/intuit/sbseg-fr/prod/utag.73.js?utv=ut4.47.202211171940 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ec248455dcc43c64526deadfa0eba428:1668714039.000962"
last-modified: Thu, 17 Nov 2022 19:40:39 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 20:09:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 7106
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.72.js?utv=ut4.47.202207121434
2.18.173.203200 OK 2.6 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.72.js?utv=ut4.47.202207121434
IP 2.18.173.203:0
File type ASCII text, with very long lines (2961)
Hash 6ab496af6cde85f28c543d5bc29fe2f4
3ae8384d7784628e2b89582757dcfe3052de136d
52e86b43d7a11f772cdd88de25fd991373f20675ac4d7186f47ec99309213b48
GET /utag/intuit/sbseg-fr/prod/utag.72.js?utv=ut4.47.202207121434 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "6586dc3bbe03456dbbe3f13e204ec69f:1657636493.96063"
last-modified: Tue, 12 Jul 2022 14:34:53 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Wed, 15 Feb 2023 20:09:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
content-length: 2583
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
intuit.connect.com.do/?TRANSACTION_ID=Nx5D-2BL7321DQ
172.67.213.146200 OK 498 kB URL HTTP/2 intuit.connect.com.do/?TRANSACTION_ID=Nx5D-2BL7321DQ
IP 172.67.213.146:0
File type PHP script text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (65148)
Size 498 kB (497678 bytes)
Hash df48a22e3f40abc395709d0497a6ecc5
14493964b5b54ec803865e3564643cd80e345669
e97a7b65a88acdb8d7f906270f473d2d47d36d766ae535b3564a947eb4479771
Analyzer Verdict Alert fortinet Phishing
GET /?TRANSACTION_ID=Nx5D-2BL7321DQ HTTP/1.1
Host: intuit.connect.com.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:09:11 GMT
content-type: text/html
last-modified: Mon, 30 Jan 2023 19:00:09 GMT
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1veGPzAhV%2B2qqT6ATr4FcNvWvCSRMPQ377kxH2LmdG6WfyrDj7dO86nBTstA4eLiIxeoOFeIJWh%2BSkhU9LI%2F%2FgLGKoCvGgTNsQwAsaZwggeOk%2FGKyP%2F5zB18tsrhbYz8HX9K0euIlns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792515653c4a0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quickbooks.intuit.com/uk2/fr/fr3//assets/logos/intuit-logo-white.svg
184.86.49.159200 OK 418 B URL HTTP/2 quickbooks.intuit.com/uk2/fr/fr3//assets/logos/intuit-logo-white.svg
IP 184.86.49.159:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 1ddc07cf9947b5d336cdf315d424dc99
d4df165e8fa5ef85476a52929185a15360a9db73
7669850863585fa6388211843ead0b351ff9570718978efcd749ff87a1fad2b8
GET /uk2/fr/fr3//assets/logos/intuit-logo-white.svg HTTP/1.1
Host: quickbooks.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "fdb9139fe5ffec43b478cdd0e6fab6c7"
last-modified: Wed, 25 Jan 2023 04:08:12 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-amz-cf-id: gy0Zbgxkw-kecawx8CwNHZiCOTES1pU3L26CJK7K9rdiLJaJbs7miQ==
x-amz-cf-pop: LHR50-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: null
content-length: 418
cache-control: max-age=2592000
expires: Thu, 02 Mar 2023 20:09:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
set-cookie: akid=gip184.86.49.159_gsip23.73.5.142_clip91.90.42.154_rclip91.90.42.154; path=/; domain=.intuit.com
AKES_GEO=NO~; path=/; domain=.intuit.com; secure
x-rl: Trail, Trail
x-frame-options: SAMEORIGIN
x-org: CA2, CA2
content-security-policy: frame-ancestors 'self' *.intuit.com, frame-ancestors 'self' *.intuit.com
x-content-type-options: nosniff, nosniff
X-Firefox-Spdy: h2
accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
104.110.25.45304 Not Modified 0 B URL HTTP/2 accounts.intuit.com/IUS-Plugins/v2/scripts/en_us/ius-core.js
IP 104.110.25.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /IUS-Plugins/v2/scripts/en_us/ius-core.js HTTP/1.1
Host: accounts.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 20 Jan 2023 21:00:30 GMT
If-None-Match: W/"604194726b00aec24b13963ececaa295"
TE: trailers
HTTP/2 304 Not Modified
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Jan 2023 21:00:30 GMT
etag: W/"604194726b00aec24b13963ececaa295"
expires: Tue, 31 Jan 2023 20:09:13 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 31 Jan 2023 20:09:13 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-widget-header-footer-43c6d016.js
104.88.1.143200 OK 3.2 kB URL HTTP/2 plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-widget-header-footer-43c6d016.js
IP 104.88.1.143:0
File type ASCII text, with very long lines (9663)
Hash c54305460f6a5b90f7ac034a15eb0879
a22e503107b33d80abfa5452671da77c7fa02536
e1176bbb594631d7582428d16d04cc85b33c90d1f74441de684c2049fb53756a
GET /identity-authn-core-ui/scripts/ius-widget-header-footer-43c6d016.js HTTP/1.1
Host: plugin.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Tue, 06 Dec 2022 21:00:41 GMT
etag: W/"a64d04ac835031a42361af038fc40a8a"
x-amz-meta-version: 1.392.6-apr.3696.b.3
x-amz-meta-module: identity-authn-core-ui
x-amz-meta-type: plugin
x-amz-meta-slug: identity-authn-core-ui/1.392.6-apr.3696.b.3
x-amz-meta-id: identity-authn-core-ui
server: AmazonS3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: IAD79-C1
x-amz-cf-id: 70n3fr9Qxi6wBlzePOV72xdXJ7hrL3l4qSRbbjE3Iaz9Nc7ynGnOkg==
content-length: 3190
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *, *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=31556926, immutable
x-origin-src: uxf
X-Firefox-Spdy: h2
uxfabric.intuitcdn.net/gdpr-util/2.3.0/gdprUtilBundle.js
54.230.111.98200 OK 54 kB URL HTTP/2 uxfabric.intuitcdn.net/gdpr-util/2.3.0/gdprUtilBundle.js
IP 54.230.111.98:0
Hash 97573bc3130300c84fd020d62e21e0e5
67581d5b305a6f739b0fe47605cda66eaf46b6af
1d539fa9056fb7ab4e1bb212a321bcea4c838749990dd13cdb9ca9ff7ea290f1
GET /gdpr-util/2.3.0/gdprUtilBundle.js HTTP/1.1
Host: uxfabric.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 11 Jan 2023 05:00:41 GMT
last-modified: Tue, 30 Mar 2021 17:07:01 GMT
etag: W/"23805e4668a5d8cebc7781499eec8f5d"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-meta-version: 2.3.0
x-amz-meta-module: @sbgm/gdpr-util
x-amz-meta-type: unknown
x-amz-meta-slug: gdpr-util/2.3.0
x-amz-meta-id: gdpr-util
server: AmazonS3
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WB_ouklk-vWMToSx-hlaTebW5JBGVMl3x7tEPZzfESZSz7nKxrw_Yw==
age: 1782511
X-Firefox-Spdy: h2
plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-reset-f55baac3.js
104.88.1.143200 OK 5.0 kB URL HTTP/2 plugin.intuitcdn.net/identity-authn-core-ui/scripts/ius-base-reset-f55baac3.js
IP 104.88.1.143:0
File type ASCII text, with very long lines (24426)
Hash 25cae8662d142be851e6c010578a19fb
ca2509e603a5b7730980dad7d30c0f253c30c3ce
519e5a614b9a0d51cc9b00c8c3a1b7e9caf25c8a502e09e09ebb54bbdaab916a
GET /identity-authn-core-ui/scripts/ius-base-reset-f55baac3.js HTTP/1.1
Host: plugin.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Apr 2022 19:48:43 GMT
etag: W/"fe776926b89afbace8c50eb202fd1e36"
x-amz-meta-version: 1.385.4-apr.2725.b.1
x-amz-meta-module: identity-authn-core-ui
x-amz-meta-type: plugin
x-amz-meta-slug: identity-authn-core-ui/1.385.4-apr.2725.b.1
x-amz-meta-id: identity-authn-core-ui
server: AmazonS3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ORD52-C2
x-amz-cf-id: Xg3mT__XcvJF-i0kCUJ_Q2Hd0K0lTFVgnr5O0gadBin2OA45cRcewg==
content-length: 4972
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *, *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=31556926, immutable
x-origin-src: uxf
X-Firefox-Spdy: h2
plugin.intuitcdn.net/identity-authn-core-ui/images/check@44-86efb017..png
104.88.1.143200 OK 2.2 kB URL HTTP/2 plugin.intuitcdn.net/identity-authn-core-ui/images/check@44-86efb017..png
IP 104.88.1.143:0
Hash ae241523643513f02e39881bbb183fcd
817be3da576a21ce1bfb6c2fc4d5127b0c41a468
0bdc94b0b72d22d0ce07c46918672693e600a0855a9d2f225b8243b22e474e73
GET /identity-authn-core-ui/images/check@44-86efb017..png HTTP/1.1
Host: plugin.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1786
last-modified: Fri, 27 Aug 2021 20:35:15 GMT
etag: "fc6644e964b1c886ea7b6ad2d88c08eb"
x-amz-meta-version: 1.195.4-apr.1586.b.27
x-amz-meta-module: identity-authn-core-ui
x-amz-meta-type: plugin
x-amz-meta-slug: identity-authn-core-ui/1.195.4-apr.1586.b.27
x-amz-meta-id: identity-authn-core-ui
accept-ranges: bytes
server: AmazonS3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD79-C1
x-amz-cf-id: aZRCr38ysMbIOIDb-Sbw-EpwZ_cB3IdiNHQcARMgxABGYJM_8y37kA==
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *, *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=31556926, immutable
x-origin-src: uxf
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14970
Expires: Wed, 01 Feb 2023 00:18:43 GMT
Date: Tue, 31 Jan 2023 20:09:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14970
Expires: Wed, 01 Feb 2023 00:18:43 GMT
Date: Tue, 31 Jan 2023 20:09:13 GMT
Connection: keep-alive
quickbooks-2.leadsmonitor.io/pixel.gif?id=1NWPZE619NUWQIHF&ref=https%3A%2F%2Fquickbooks.intuit.com%2F&type=suibuy
178.33.237.231200 OK 49 B URL HTTP/1.1 quickbooks-2.leadsmonitor.io/pixel.gif?id=1NWPZE619NUWQIHF&ref=https%3A%2F%2Fquickbooks.intuit.com%2F&type=suibuy
IP 178.33.237.231:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /pixel.gif?id=1NWPZE619NUWQIHF&ref=https%3A%2F%2Fquickbooks.intuit.com%2F&type=suibuy HTTP/1.1
Host: quickbooks-2.leadsmonitor.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Pragma: no-cache
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, proxy-revalidate
Expires: Tue, 04 Sep 2012 05:32:29 GMT
Content-Length: 49
Connection: close
Content-Type: image/gif
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14970
Expires: Wed, 01 Feb 2023 00:18:43 GMT
Date: Tue, 31 Jan 2023 20:09:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14970
Expires: Wed, 01 Feb 2023 00:18:43 GMT
Date: Tue, 31 Jan 2023 20:09:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 65457
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:47:13 GMT
age: 80520
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
Hash a91d11ce096f39c4a0feec2d168ca15e
a06245316da48587ea2f03f7acf822d69d7e0543
80b2cfd60f757f8d338cc746a385316fa0623e94099a3fc2635955afe5b2876c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 59336
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZP2Mar8l3QoPH733_vv3hUuQjWvaN4_TgfYwme2-6WIxGi55BoSchg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:26:31 GMT
age: 56562
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assets.intuitcdn.net/fonts/avenir-400.woff2
104.88.1.143200 OK 33 kB URL HTTP/2 assets.intuitcdn.net/fonts/avenir-400.woff2
IP 104.88.1.143:0
File type Web Open Font Format (Version 2), TrueType, length 33176, version 1.0\012- data
Hash ca8c2af7f604634390ef3e68b80fa189
d919324422f3ad6753337a1d8fb829299ea37640
b406c35a6d317b896aef159ce69f94480e3e690a9e5f2bfab4fb8311b767a9b0
GET /fonts/avenir-400.woff2 HTTP/1.1
Host: assets.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
etag: "ca8c2af7f604634390ef3e68b80fa189:1667239935.290512"
last-modified: Wed, 07 Aug 2019 21:23:45 GMT
server: AkamaiNetStorage
content-length: 33176
cache-control: max-age=15552000
expires: Sun, 30 Jul 2023 20:09:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.intuitcdn.net/fonts/avenir-600.woff2
104.88.1.143200 OK 33 kB URL HTTP/2 assets.intuitcdn.net/fonts/avenir-600.woff2
IP 104.88.1.143:0
File type Web Open Font Format (Version 2), TrueType, length 33100, version 1.0\012- data
Hash 7c0278113ae5f34e8198a2cea65c3bac
b9465aa8e3368a6b6fd596e3ca416f39b7b83983
6b59034d520321abc96ed69ffbe45f00feade7c66ac3bcf99e3ba51059f2a2a2
GET /fonts/avenir-600.woff2 HTTP/1.1
Host: assets.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
etag: "7c0278113ae5f34e8198a2cea65c3bac:1667239939.278919"
last-modified: Wed, 07 Aug 2019 21:23:45 GMT
server: AkamaiNetStorage
content-length: 33100
cache-control: max-age=15552000
expires: Sun, 30 Jul 2023 20:09:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.intuitcdn.net/fonts/avenir-400-it.woff2
104.88.1.143200 OK 34 kB URL HTTP/2 assets.intuitcdn.net/fonts/avenir-400-it.woff2
IP 104.88.1.143:0
File type Web Open Font Format (Version 2), TrueType, length 34104, version 1.0\012- data
Hash e4692df45a6cd4572574c4b67d6b4188
d2b2dd8f6311cf4c7a07647c5e41aa79a847b1cb
ace15cc409a228e7ee1ec21a8555479ac27a1c77dffb63ff4008bad70de8c3ef
GET /fonts/avenir-400-it.woff2 HTTP/1.1
Host: assets.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
etag: "e4692df45a6cd4572574c4b67d6b4188:1667239934.782988"
last-modified: Wed, 07 Aug 2019 21:23:45 GMT
server: AkamaiNetStorage
content-length: 34104
cache-control: max-age=15552000
expires: Sun, 30 Jul 2023 20:09:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.intuitcdn.net/fonts/avenir-500.woff2
104.88.1.143200 OK 33 kB URL HTTP/2 assets.intuitcdn.net/fonts/avenir-500.woff2
IP 104.88.1.143:0
File type Web Open Font Format (Version 2), TrueType, length 33240, version 1.0\012- data
Hash 433d4bcf95a373b63ba59713a2167d42
a279778361a11f971a913d345587715684ef39aa
a496f0a5fc51aac0cac43be7e4c6a81425194480f138a7a97e895071fd628260
GET /fonts/avenir-500.woff2 HTTP/1.1
Host: assets.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
etag: "433d4bcf95a373b63ba59713a2167d42:1667239936.423162"
last-modified: Wed, 07 Aug 2019 21:23:45 GMT
server: AkamaiNetStorage
content-length: 33240
cache-control: max-age=15552000
expires: Sun, 30 Jul 2023 20:09:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
accounts.intuit.com/ividFrame.html?ivid_b=fe02b408-35e8-439a-880e-028d43e1593f&query_string_ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
104.110.25.45200 OK 3.6 kB URL HTTP/2 accounts.intuit.com/ividFrame.html?ivid_b=fe02b408-35e8-439a-880e-028d43e1593f&query_string_ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
IP 104.110.25.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4241)
Hash 4659707005baee6a7efae91b1a217ee6
ecce756d901880102c0b306554fe30901bfc552b
b2b4de5284001b4f1ddba65a22d7196e76bf3b9a897b802138ac9d595269ce19
GET /ividFrame.html?ivid_b=fe02b408-35e8-439a-880e-028d43e1593f&query_string_ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb HTTP/1.1
Host: accounts.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
server: nginx
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow, noarchive, nosnippet, noimageindex, notranslate
content-language: en-US
x-akamai-transformed: 9 3668 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 20:09:13 GMT
content-length: 3589
set-cookie: ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb; path=/; domain=intuit.com; max-age=157680000; secure
ivid_b=08346319-4b1c-409d-94e2-05ed505a9220; path=/; domain=intuit.com; max-age=157680000; secure
AKA_A2=A; expires=Tue, 31-Jan-2023 21:09:13 GMT; path=/; domain=intuit.com; secure; HttpOnly
server-timing: cdn-cache; desc=MISS, edge; dur=160, origin; dur=10
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=intuit/sbseg-fr/202301261439&cb=1675195771815
2.18.173.203200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=intuit/sbseg-fr/202301261439&cb=1675195771815
IP 2.18.173.203:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=intuit/sbseg-fr/202301261439&cb=1675195771815 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
unused62: 8096267
cache-control: max-age=600
expires: Tue, 31 Jan 2023 20:19:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
X-Firefox-Spdy: h2
accounts.intuit.com/scripts/oii-ivid-perisistence.js?v=1.17
104.110.25.45200 OK 4.6 kB URL HTTP/2 accounts.intuit.com/scripts/oii-ivid-perisistence.js?v=1.17
IP 104.110.25.45:0
File type ASCII text, with very long lines (565)
Hash 20145fb25bb4cb1b5ae046944f106735
6994ce556d1a8a815c4cad6ebf769840cd2de0fa
ec23fc7b8aee076a024fe9c71ef263aa2f9583bf9c57074230540fbca69fa5e7
GET /scripts/oii-ivid-perisistence.js?v=1.17 HTTP/1.1
Host: accounts.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.intuit.com/ividFrame.html?ivid_b=fe02b408-35e8-439a-880e-028d43e1593f&query_string_ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
server: nginx
last-modified: Fri, 27 Jan 2023 15:33:46 GMT
content-encoding: br
content-length: 4622
cache-control: max-age=90720
expires: Wed, 01 Feb 2023 21:21:13 GMT
date: Tue, 31 Jan 2023 20:09:13 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
x-akamai-http2-push: 1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 880 B IP 142.250.74.131:0
Hash a5761e4a02aa9f2b821f50e1acf5cf8f
e1e5c56ec7b6c82b31b22773102097513b7d7c20
4a792a4836fa389108b1f2a576471fa1398528bece65ebfcf272412a8d6743ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
142.250.74.35200 OK 166 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (727)
Size 166 kB (166370 bytes)
Hash 9caf6d7051f77cc890ab0b225ec0bb23
d351e293122a1dfd613ffd3fb1f5853dcace908b
62fc62f58458ded92a494bd4a420bee3bbd2c26611c6204c1d074d39ab39c490
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 12:43:39 GMT
expires: Thu, 25 Jan 2024 12:43:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 545134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
142.250.74.35200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
IP 142.250.74.35:0
File type ASCII text, with very long lines (52913), with no line terminators
Hash f4bb161deae4e93f1a82e52f82ea2af9
74cd72b02999ea35cde6dd6c1d58ca9aec94da07
3330fe65fd8dbe742211f1609fbfe70b3b94434ad5639223942d921f085ea589
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:07:43 GMT
expires: Sat, 27 Jan 2024 02:07:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/css
age: 410490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.go-mpulse.net/boomerang/JMR2J-JRQ54-8U3H8-YDWCP-M9P79
23.38.200.138200 OK 51 kB URL HTTP/2 s.go-mpulse.net/boomerang/JMR2J-JRQ54-8U3H8-YDWCP-M9P79
IP 23.38.200.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 45b1efed3d9e30c611f250c366d75706
d1c06b447106753e03faa593b3f2e54cffe6ae96
792e07cd80f040cd24df17812ca03c43330b8218ffd8c055c3c2f3ca3b248d9a
GET /boomerang/JMR2J-JRQ54-8U3H8-YDWCP-M9P79 HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.intuit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Sun, 15 Jan 2023 14:42:59 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Tue, 31 Jan 2023 20:09:13 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 880 B IP 93.184.220.29:0
Hash 3e93cf94284cf3b7995230c13fb08b6d
51384c154fa0f192f357d24456d65976b2bf7fa9
cd1828e78d5e9f7242634bf4857b130704a6931d70c6dfc14d739eeac7c73ee3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:13 GMT
Last-Modified: Tue, 31 Jan 2023 18:36:05 GMT
Server: ECS (amb/6BC5)
X-Cache: HIT
Content-Length: 471
amplify.outbrain.com/cp/obtp.js
2.18.173.74200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (17737), with no line terminators
Hash 69ccf6d91702cd65dedfbad36e94c61b
adce8bd55dcc466c709dc96e230cbdd72fb27645
9a5b793c3b453c30229658bebe68719aa0df37a71ef371a6c6117e123b091e64
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Last-Modified: Sun, 22 Jan 2023 12:08:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 31 Jan 2023 20:29:14 GMT
Date: Tue, 31 Jan 2023 20:09:14 GMT
Content-Length: 5884
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.48200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.48:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29739
date: Tue, 31 Jan 2023 20:09:14 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
privacy-policy.truste.com/privacy-seal/seal?rid=7fc012b5-d53b-42d8-b980-c4f9091a97e1
54.230.111.101200 OK 15 kB URL HTTP/1.1 privacy-policy.truste.com/privacy-seal/seal?rid=7fc012b5-d53b-42d8-b980-c4f9091a97e1
IP 54.230.111.101:0
Hash 93a03a2a138adc4f811f811343fc885f
7d5af693be57542e4d3762e134fe8a7f54e71913
eb6e76977e95d3ec4890970e29fc320db443ae6a5a7e0d8d25462a403ecdce17
GET /privacy-seal/seal?rid=7fc012b5-d53b-42d8-b980-c4f9091a97e1 HTTP/1.1
Host: privacy-policy.truste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 14237
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Server: TXS
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff, nosniff, nosniff
X-Xss-Protection: 1; mode=block, 1; mode=block
Content-Security-Policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Referrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
Expect-CT: enforce, max-age=60, enforce, max-age=60
Permissions-Policy: autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
Cross-Origin-Resource-Policy: cross-origin, cross-origin
Cross-Origin-Opener-Policy: cross-origin, cross-origin
Cross-Origin-Embedder-Policy: unsafe-none, unsafe-none
Date: Tue, 31 Jan 2023 07:41:49 GMT
Cache-Control: no-cache, must-revalidate, no-cache, no-store
ETag: W/"14237-1594834154000"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z_7OUuA1ZE1TKTcWlJKjM1-A8d_umTa9T9t-ZX6LtdqBnA9a0uUGOQ==
Age: 44845
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 87a8d59932580e7312e6e6b7d38e6f57
774024430e1cedb761d8f4004bf12a4ee0d7543c
a0b7be216e3593944eb621e9bd78076b0449fa01a432c188d57067150620306c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 881 B IP 142.250.74.131:0
Hash 5c53f7229b49d9565110dde9c2c8c6a2
97155982cacb6c60b89aa7eaebba8cf3dc232b0b
5967f0f69945b5723685fd8cd046cc11e01b20ed12e53a21f717a4169be6ddd3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 881 B IP 142.250.74.131:0
Hash 29fb53dc189caf731f025b645a37f9ec
a6b9a2115ca676e23520f2211afcafbb9e488194
0c2a20eec093eafba70df75c224493be9a599c59efd6e9e90f81082a406029a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__fr.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__fr.js
IP 142.250.74.35:0
File type HTML document, ASCII text, with very long lines (654)
Size 165 kB (165137 bytes)
Hash 2403bf1f947e312881cdb1c2f8f7a2be
7f0af5bad4a25c7b98bfd367bcec5f4745db4ddd
d54557f8eb66f6b496f2b131bb69d9bd46dce0cf6336f6a79c9456f070d93273
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__fr.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 165137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 01:11:35 GMT
expires: Wed, 31 Jan 2024 01:11:35 GMT
cache-control: public, max-age=31536000
age: 68259
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 1cfe916b0f886b6cbe74d5920861f625
aa38577b437192568192ea3b6dccaf38c0e660a7
1c961668b9bffde7899cfe5073cd9ee2ef6d9b7e9c32306e78e8f7ad344da47b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96A36BF15EF2472A99EF94BF60CB2847 Ref B: OSL30EDGE0208 Ref C: 2023-01-31T20:09:14Z
date: Tue, 31 Jan 2023 20:09:13 GMT
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/951424056/?random=1671838418615&cv=11&fst=1671838418615&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&label=i0NrCN7zw9oBELio1sUD&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
142.250.74.162200 OK 1.6 kB URL HTTP/2 www.googleadservices.com/pagead/conversion/951424056/?random=1671838418615&cv=11&fst=1671838418615&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&label=i0NrCN7zw9oBELio1sUD&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash faefdb4c070008b645f387ee6827c240
a0d1cc727fcea38fbc69546f098f4864f0cd9fb4
2080be835d755075f2f532b1cdf79b2ed3b92e1272a27feaabf73dfb40ab238c
GET /pagead/conversion/951424056/?random=1671838418615&cv=11&fst=1671838418615&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&label=i0NrCN7zw9oBELio1sUD&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1161
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a72c84c41c5e0adf55862720ffab859c
671408b7eb5f09e4a2dac07a7ee2150ea7be1972
0aada318970f4e1d24d6411787b9f43b8ce0c1d64d76b61b5ac0589a1323f066
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5099
Cache-Control: max-age=116908
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Etag: "63d8872b-1d7"
Expires: Thu, 02 Feb 2023 04:37:42 GMT
Last-Modified: Tue, 31 Jan 2023 03:12:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a72c84c41c5e0adf55862720ffab859c
671408b7eb5f09e4a2dac07a7ee2150ea7be1972
0aada318970f4e1d24d6411787b9f43b8ce0c1d64d76b61b5ac0589a1323f066
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5669
Cache-Control: max-age=117478
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Etag: "63d8872b-1d7"
Expires: Thu, 02 Feb 2023 04:47:12 GMT
Last-Modified: Tue, 31 Jan 2023 03:12:43 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
signup.quickbooks.intuit.com/static/images/favicon/quickbooks-152x152.png
184.86.49.159400 Bad Request 346 B URL HTTP/2 signup.quickbooks.intuit.com/static/images/favicon/quickbooks-152x152.png
IP 184.86.49.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 86554ab494f54df5e7f557133deb829e
bf2e18b49361233e04263df78857a2984bcb7bfb
d29fc678ef3efeaf507842172c539c7155f878a65aa48fdf6a4536f3e7e34a9d
GET /static/images/favicon/quickbooks-152x152.png HTTP/1.1
Host: signup.quickbooks.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 346
expires: Tue, 31 Jan 2023 20:09:14 GMT
date: Tue, 31 Jan 2023 20:09:14 GMT
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-origin: https://quickbooks.intuit.com
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
142.250.74.35200 OK 167 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js
IP 142.250.74.35:0
Size 167 kB (166779 bytes)
Hash 73c66618ec3cf9f05eda45a4af573f4e
66635f3ec8c073d765307f9904878acf9d1ccb88
fc1d7e405f25abbfc6eb9c9a1879e081a19eb2e4ddb8af45ea6f0b76693fe973
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__fr.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166370
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 12:43:39 GMT
expires: Thu, 25 Jan 2024 12:43:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 545135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030811807/?random=1671838417997&cv=11&fst=1671838417997&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3DConversion&rfmt=3&fmt=4
172.217.21.162200 OK 937 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030811807/?random=1671838417997&cv=11&fst=1671838417997&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3DConversion&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2047), with no line terminators
Hash e2868c7c3f0744136e2eb7a75df31438
da11afacfd2a416d0bfbb40d3d38533d9648431d
8c68733eb25becac22e0bc8bd916668a0b6472401e99a661d5d5d33b3c329c8f
GET /pagead/viewthroughconversion/1030811807/?random=1671838417997&cv=11&fst=1671838417997&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3DConversion&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 937
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 20:24:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/951424056/?random=1671838418581&cv=11&fst=1671838418581&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3DConversion&rfmt=3&fmt=4
172.217.21.162200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/951424056/?random=1671838418581&cv=11&fst=1671838418581&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3DConversion&rfmt=3&fmt=4
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d6c34afec69163614a01e01db3d5be8d
999de69ec3d1670bd2137b16639ba8ed9b783c49
0ea3ec6a96494a84344d41ec8435d9340363e8d8fc83f10b413de4d1e1ea2652
GET /pagead/viewthroughconversion/951424056/?random=1671838418581&cv=11&fst=1671838418581&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3DConversion&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 933
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 20:24:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.js
2.18.173.203200 OK 92 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sbseg-fr/prod/utag.js
IP 2.18.173.203:0
Hash ac2ff7c8efd3ca2bf83810b165d998f5
26e30fae13b2456bda7e8ac92d6c18e19e2aee02
767f72c2dd9dd39217e06fca56c1afa08716bdcaf5a46b461384600d7be448f0
GET /utag/intuit/sbseg-fr/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7e801ed974acad64200e91c6cae11d2f:1674744009.295246"
last-modified: Thu, 26 Jan 2023 14:40:09 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 31 Jan 2023 20:14:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1030811807/?random=1671838417880&cv=11&fst=1671838417880&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1030811807/?random=1671838417880&cv=11&fst=1671838417880&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3f8fc68098fed678a63d6a8994d4243
a5e153a7a5eb65baafbd7e806b972b168511d780
c8800cf760de09a6a9f4db3da74a87f79dd9dc29971d95cb788b111502a19a9d
GET /pagead/viewthroughconversion/1030811807/?random=1671838417880&cv=11&fst=1671838417880&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 940
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 20:24:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Tue, 31 Jan 2023 20:09:14 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 426071
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: +qg1Utw6CdjFP5aPA4er2fRFOYdgX+sCsVmX3/Z3/NAp3s3wy/6EKyS1/6RRsu0u8hV+aS2aVEpp451HSUHssw==
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 20:09:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 444511
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2263a1e1250ae338c282d1688740d8c1
4d7f8a14fe6382ae92bfa31048d6cf7802ebd989
587dfb385435f78a53392aa45b9e268c61c62ba97b3c081ba3f4795122305e40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trinity.platform.intuit.com/trinity/v1/intuit-clickstream
54.70.70.80200 OK 0 B URL HTTP/2 trinity.platform.intuit.com/trinity/v1/intuit-clickstream
IP 54.70.70.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /trinity/v1/intuit-clickstream HTTP/1.1
Host: trinity.platform.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain; charset=utf-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1286
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:09:14 GMT
content-type: text/plain
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: ADRUM_BTa=R:30|g:5c4c658b-37b2-43bf-8fa8-4aa4cd9c0446|n:intuit-ss-prod_7a1601f5-8dd7-4643-a3b6-efec7482015f;Path=/;Expires=Tue, 31-Jan-2023 20:09:44 GMT
SameSite=None;Path=/;Expires=Tue, 31-Jan-2023 20:09:44 GMT;Secure
ADRUM_BT1=R:30|i:636206|e:22|d:0;Path=/;Expires=Tue, 31-Jan-2023 20:09:44 GMT
cache-control: private, no-cache, no-transform
access-control-allow-origin: *
access-control-allow-headers: Authorization,X-Forwarded-For,Accept-Language,Content-Type,intuit_tid,intuit_appid,intuit_offeringid,intuit_originatingip,intuit_test,intuit_locale,intuit_country,intuit_iddomain
access-control-allow-methods: GET,POST,OPTIONS
access-control-request-method: GET,POST,OPTIONS
strict-transport-security: max-age=10886400; includeSubDomains; preload
intuit_appid: Intuit.ldcp.mds.trinity
intuit_offeringid: Intuit.ldcp.mds.trinity
x-application-id: trinity-api-20210406002715-development
server: Jetty
intuit_tid: 45cb28e1-087c-4c86-82df-c628329c6092
intuit_received_at: 1675195754185
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a72c84c41c5e0adf55862720ffab859c
671408b7eb5f09e4a2dac07a7ee2150ea7be1972
0aada318970f4e1d24d6411787b9f43b8ce0c1d64d76b61b5ac0589a1323f066
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5669
Cache-Control: max-age=117478
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Etag: "63d8872b-1d7"
Expires: Thu, 02 Feb 2023 04:47:12 GMT
Last-Modified: Tue, 31 Jan 2023 03:12:43 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7a929a50989d318522e3345ae02e24f
c2bf1776b1b5b4485cf311a41afef551bcb3ccd8
46b8da5299b78ec930d4fe1d417675933c836086cb376a6b813e596ea7e21d51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4501
Cache-Control: max-age=164916
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Etag: "63d94509-1d7"
Expires: Thu, 02 Feb 2023 17:57:50 GMT
Last-Modified: Tue, 31 Jan 2023 16:42:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
sci.intuit.com/b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
13.37.25.97302 Found 409 B URL HTTP/2 sci.intuit.com/b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 13.37.25.97:0
Hash 86accc8f7747051c4e7edb6cf0bf5ce8
21727cac0752b1a32874b3bf700a87e48c20ce0e
5c7622967899fb54a35c647685b43c57598f8d153849a53dc83f3e1cebbccf6a
GET /b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: sci.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-origin: *
vary: Origin
date: Tue, 31 Jan 2023 20:09:14 GMT
content-type: text/plain;charset=utf-8
expires: Mon, 30 Jan 2023 20:09:14 GMT
last-modified: Wed, 01 Feb 2023 20:09:14 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; Path=/; Domain=intuit.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 20:09:09 GMT; SameSite=None; Secure
location: https://sci.intuit.com/b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&pccr=true&vidn=31ECBAB5042675E4-60000A47A4660C7B&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
signup.quickbooks.intuit.com/static/images/favicon/quickbooks-16x16.png
184.86.49.159400 Bad Request 344 B URL HTTP/2 signup.quickbooks.intuit.com/static/images/favicon/quickbooks-16x16.png
IP 184.86.49.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c1c84b60ae751f1b40862032c27d7e31
cf7a924b1aa755eac20fba5b0780fbd0d9c7620b
ddedac1a682dc2d50a3978f573645be64cb6f1afc2f162cd97a2032ca92763e7
GET /static/images/favicon/quickbooks-16x16.png HTTP/1.1
Host: signup.quickbooks.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 344
expires: Tue, 31 Jan 2023 20:09:14 GMT
date: Tue, 31 Jan 2023 20:09:14 GMT
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-origin: https://quickbooks.intuit.com
X-Firefox-Spdy: h2
signup.quickbooks.intuit.com/v1/beacon
184.86.49.159200 OK 2 B URL HTTP/2 signup.quickbooks.intuit.com/v1/beacon
IP 184.86.49.159:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /v1/beacon HTTP/1.1
Host: signup.quickbooks.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1687
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
content-length: 2
intuit_tid: 1-63d97569-7606de5d362e8fc67c5f5cef
x-spanid: e404023a-6c5d-43a9-bd3a-f9587fb27d84
x-amzn-trace-id: Root=1-63d97569-7606de5d362e8fc67c5f5cef
x-content-type-options: nosniff
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
x-envoy-upstream-service-time: 741
strict-transport-security: max-age=31536000
server: envoy
date: Tue, 31 Jan 2023 20:09:14 GMT
set-cookie: ADRUM_BT=R:30|i:260483|g:cc10b0fe-7e3a-47b1-b607-f947c0d32c448661957|e:93|n:intuit-sbg-prod_87bcfab1-ad5a-4af1-95e0-7eed4f8a1800; Path=/; Expires=Tue, 31 Jan 2023 20:09:44 GMT; Secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
sci.intuit.com/b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&pccr=true&vidn=31ECBAB5042675E4-60000A47A4660C7B&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
13.37.25.97200 OK 43 B URL HTTP/2 sci.intuit.com/b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&pccr=true&vidn=31ECBAB5042675E4-60000A47A4660C7B&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 13.37.25.97:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/intuitsbgqa,intuitca-sbg-global-qa/1/JS-2.22.0/s08786463275849?AQB=1&pccr=true&vidn=31ECBAB5042675E4-60000A47A4660C7B&ndh=1&pf=1&t=31%2F0%2F2023%2020%3A9%3A32%202%200&ce=UTF-8&ns=intuitinc&pageName=fms%7Cmktg%7Cintuit.connect.com.do%7Cindex&g=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ&cc=USD&ch=fms%7Cmktg&server=intuit.connect.com.do&c1=D%3Dv1&v1=fms%7Cmktg%7Cintuit.connect.com.do&c2=D%3DpageName&h2=D%3DpageName&c16=Lookers&c26=D%3Dv26&v26=%28no%20cookie%29&c27=D%3Dg&v27=D%3Dg&c30=page%7Cwa.track%20%28page%20load%29&c33=intuitsbgqa%2Cintuitca-sbg-global-qa&c36=2.22.0%3Awa2%7C2022%7C12%7C21%7Csbseg-fr-prod&c49=D%3DpageName&v54=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb&c60=D%3Dv60&v60=fr&c64=D%3Dv64&v64=fms&c67=D%3Dv67&v67=2023-01-31%2012%3A09%3A32&c73=D%3Dv73&v73=3070&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: sci.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://intuit.connect.com.do/
Connection: keep-alive
Cookie: s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 31 Jan 2023 20:09:14 GMT
expires: Mon, 30 Jan 2023 20:09:14 GMT
last-modified: Wed, 01 Feb 2023 20:09:14 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; Path=/; Domain=intuit.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 20:09:09 GMT; SameSite=None; Secure
etag: 3597455490372108288-4619721204916734672
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
signup.quickbooks.intuit.com/v1/beacon
184.86.49.159200 OK 2 B URL HTTP/2 signup.quickbooks.intuit.com/v1/beacon
IP 184.86.49.159:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /v1/beacon HTTP/1.1
Host: signup.quickbooks.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1687
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
content-length: 2
intuit_tid: 1-63d97569-5e1025ab31abb1c6320f88bb
x-spanid: 95e2407f-e7d2-4c6f-b3c3-33752d700ab9
x-amzn-trace-id: Root=1-63d97569-5e1025ab31abb1c6320f88bb
x-content-type-options: nosniff
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
x-envoy-upstream-service-time: 748
strict-transport-security: max-age=31536000
server: envoy
date: Tue, 31 Jan 2023 20:09:14 GMT
set-cookie: ADRUM_BT=R:30|i:260483|g:cc10b0fe-7e3a-47b1-b607-f947c0d32c448661958|e:93|n:intuit-sbg-prod_87bcfab1-ad5a-4af1-95e0-7eed4f8a1800; Path=/; Expires=Tue, 31 Jan 2023 20:09:44 GMT; Secure
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/signals/config/589281714858870?v=2.9.90&r=stable
157.240.205.11200 OK 74 kB URL HTTP/2 connect.facebook.net/signals/config/589281714858870?v=2.9.90&r=stable
IP 157.240.205.11:0
Hash c28069412287713beccaecda801f78bf
92a32eefa746b9fa6e4cc98d0b279e45fb79e6c8
20e2d96183e22be4688efb119c0874782b97a3f77543697bc985109be16b11ca
GET /signals/config/589281714858870?v=2.9.90&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: f9FqNeC16zaVIgNN2Reswr0hrEWVBa69wabmWPDC0Qs94RU60T6AKr708E1tChAjWPszrCqKeFcqBvcfH8WMeQ==
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 20:09:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/intuit/sync-analytics/prod/utag.sync.js
2.18.173.203200 OK 68 kB URL HTTP/2 tags.tiqcdn.com/utag/intuit/sync-analytics/prod/utag.sync.js
IP 2.18.173.203:0
Hash f8bfe9660d92ef7f462d45f1c8ebe564
dae01cf9b7f67ab2c44213bebae56cb350e146a5
e8de44f391344dbfeedfe13ff0615604b5d0194c7a956c3bb84dd60faf9b1210
GET /utag/intuit/sync-analytics/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f7f01bb3a369985f237a7eea22ad42c5:1666028329.419191"
last-modified: Mon, 17 Oct 2022 17:38:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Tue, 31 Jan 2023 20:14:12 GMT
date: Tue, 31 Jan 2023 20:09:12 GMT
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/443742059154494?v=2.9.90&r=stable
157.240.205.11200 OK 75 kB URL HTTP/2 connect.facebook.net/signals/config/443742059154494?v=2.9.90&r=stable
IP 157.240.205.11:0
Hash 916b04239dc7e04be72d638d3ac8c654
21358646b878072803d8f2c46340cf92d34b1e48
7d7f954b18462e6203c148302f795946a5e5bc4ccfb2e80523b9d41863109e06
GET /signals/config/443742059154494?v=2.9.90&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fS1s7olQv7xwnB0rNozkz3gk5jguGe7YO6aEBQy6vvfcqPH53ce/DJ7Ml7XsdtpcpFQdV6PQ27LyIoJLiDCtjw==
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 20:09:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030811807/?random=1671838417880&cv=11&fst=1671836400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2341132384&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030811807/?random=1671838417880&cv=11&fst=1671836400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2341132384&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030811807/?random=1671838417880&cv=11&fst=1671836400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2341132384&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1030811807/?random=1671838417997&cv=11&fst=1671836400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&data=event%3DConversion&fmt=3&is_vtc=1&random=3643938227&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1030811807/?random=1671838417997&cv=11&fst=1671836400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&data=event%3DConversion&fmt=3&is_vtc=1&random=3643938227&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1030811807/?random=1671838417997&cv=11&fst=1671836400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&data=event%3DConversion&fmt=3&is_vtc=1&random=3643938227&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/951424056/?random=170521400&cv=11&fst=1671838418615&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&label=i0NrCN7zw9oBELio1sUD&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=anXZY4e9B4GoYtPWktgE&random=915212556&ipr=y&prhg=0
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/951424056/?random=170521400&cv=11&fst=1671838418615&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&label=i0NrCN7zw9oBELio1sUD&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=anXZY4e9B4GoYtPWktgE&random=915212556&ipr=y&prhg=0
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/951424056/?random=170521400&cv=11&fst=1671838418615&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=400&u_h=564&label=i0NrCN7zw9oBELio1sUD&hn=www.googleadservices.com&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fcashtime%2FDocuments%2FQBPAGE%2Findex.html&tiba=Intuit%20QuickBooks%20Online%C2%AE%20Accounting%20Software%20Online.%20Get%20Started!&did=dYmQxMT&gdid=dYmQxMT>m_ee=1&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.125%7CMicrosoft%2520Edge%3B108.0.1462.54&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=anXZY4e9B4GoYtPWktgE&random=915212556&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://intuit.connect.com.do/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 20:09:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:09:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1675195772307&url=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1675195772307&url=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1675195772307&url=https%3A%2F%2Fintuit.connect.com.do%2F%3FTRANSACTION_ID%3DNx5D-2BL7321DQ HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&7c344d91-3832-401b-8a7a-a2b39265083e"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 31-Jan-2024 20:09:14 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2452:u=1:x=1:i=1675195754:t=1675282154:v=2:sig=AQGd_afMyHjyKMMSBYLKdMZayETOZX_Y"; Expires=Wed, 01 Feb 2023 20:09:14 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzlOfhvrptLdVtmyrChQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 63CE84AA48534E7DBB68B13185412193 Ref B: OSL30EDGE0409 Ref C: 2023-01-31T20:09:14Z
date: Tue, 31 Jan 2023 20:09:14 GMT
content-length: 0
X-Firefox-Spdy: h2
tr.outbrain.com/log?apiObjVersion=undefined&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%20undefined%2C%20%22marketerID%22%3A%20undefined%2C%20%22referrer%22%3A%20%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%221%22%2C%22script%22%3A%22https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%22%2C%22stack%22%3A%22368%2Ft.runQ%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A2159%0A81%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A3433%0An%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17689%0A%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17729%0A%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17735%0A%22%2C%22message%22%3A%22can%27t%20access%20property%20%22length%22%2C%20apiObj.queue%20is%20undefined%22%7D%7D
70.42.32.31200 OK 53 B URL HTTP/1.1 tr.outbrain.com/log?apiObjVersion=undefined&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%20undefined%2C%20%22marketerID%22%3A%20undefined%2C%20%22referrer%22%3A%20%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%221%22%2C%22script%22%3A%22https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%22%2C%22stack%22%3A%22368%2Ft.runQ%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A2159%0A81%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A3433%0An%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17689%0A%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17729%0A%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17735%0A%22%2C%22message%22%3A%22can%27t%20access%20property%20%22length%22%2C%20apiObj.queue%20is%20undefined%22%7D%7D
IP 70.42.32.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /log?apiObjVersion=undefined&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%20undefined%2C%20%22marketerID%22%3A%20undefined%2C%20%22referrer%22%3A%20%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%221%22%2C%22script%22%3A%22https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%22%2C%22stack%22%3A%22368%2Ft.runQ%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A2159%0A81%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A3433%0An%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17689%0A%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17729%0A%40https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A17735%0A%22%2C%22message%22%3A%22can%27t%20access%20property%20%22length%22%2C%20apiObj.queue%20is%20undefined%22%7D%7D HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:14 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: d01b22a55d33315c37cd64e6562e683c
sci.intuit.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=969430F0543F253D0A4C98C6%40AdobeOrg&ts=1675195773103
13.37.25.97200 OK 89 B URL HTTP/2 sci.intuit.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=969430F0543F253D0A4C98C6%40AdobeOrg&ts=1675195773103
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99519e53ce5fc2730765062689f798b6
7c7c61f23c02168434337994772024d58d565aee
fa6437adf7ebabdf1f7817d030ebf48d18406e92c947f53d1545e551b8964bd3
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=969430F0543F253D0A4C98C6%40AdobeOrg&ts=1675195773103 HTTP/1.1
Host: sci.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://intuit.connect.com.do
access-control-allow-credentials: true
date: Tue, 31 Jan 2023 20:09:14 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; Path=/; Domain=intuit.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 20:09:09 GMT; SameSite=None; Secure
s_ecid=MCMID%7C31851492968748358980219663219654269157; Path=/; Domain=intuit.com; Max-Age=63072000; Expires=Thu, 30 Jan 2025 20:09:09 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
c.go-mpulse.net/api/config.json?key=JMR2J-JRQ54-8U3H8-YDWCP-M9P79&d=accounts.intuit.com&t=5583986&v=1.720.0&sl=0&si=bc37671c-a3ef-46ff-9ab6-64be8e79ba61-rpd9bw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=501160
23.38.200.138200 OK 51 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=JMR2J-JRQ54-8U3H8-YDWCP-M9P79&d=accounts.intuit.com&t=5583986&v=1.720.0&sl=0&si=bc37671c-a3ef-46ff-9ab6-64be8e79ba61-rpd9bw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=501160
IP 23.38.200.138:0
File type JSON data\012- , ASCII text
Hash 911e906e0252bd850453f4dbcd46ba4e
5952f8c6c24b2567b6574235c3e30c75869cd978
9ac7fec78cb90166f0a9aa0cf428ef8a65a46c49182070e9308dff9f658cbb84
GET /api/config.json?key=JMR2J-JRQ54-8U3H8-YDWCP-M9P79&d=accounts.intuit.com&t=5583986&v=1.720.0&sl=0&si=bc37671c-a3ef-46ff-9ab6-64be8e79ba61-rpd9bw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=501160 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.intuit.com
Connection: keep-alive
Referer: https://accounts.intuit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Tue, 31 Jan 2023 20:09:15 GMT
Connection: keep-alive
Content-Type: application/json
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&d_mid=31851492968748358980219663219654269157&d_cid_ic=AVID%0131ECBAB5042675E4-60000A47A4660C7B&ts=1675195773152
34.255.210.6200 OK 695 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&d_mid=31851492968748358980219663219654269157&d_cid_ic=AVID%0131ECBAB5042675E4-60000A47A4660C7B&ts=1675195773152
IP 34.255.210.6:0
File type JSON data\012- , ASCII text, with very long lines (1516), with no line terminators
Hash 65c9ea4835022bc4f3c5dbe166a06dc7
cb3ee5a72fb1d50bd64eaafec4f2bcd720bc052f
21e479a53cd3904dcdfe580fdaee280d8d6a4e0b1da909c9ddab52bcd016b75d
GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=969430F0543F253D0A4C98C6%40AdobeOrg&d_nsid=5&d_mid=31851492968748358980219663219654269157&d_cid_ic=AVID%0131ECBAB5042675E4-60000A47A4660C7B&ts=1675195773152 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://intuit.connect.com.do
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=32061998375094116950234538078995264560; Max-Age=15552000; Expires=Sun, 30 Jul 2023 20:09:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: gMGl075RTeU=
Content-Length: 695
Connection: keep-alive
afp.intuit.com/zF6AE1qrev2LYMo4?2ce1b80f4197b65c=m1kZJVdbzYzuHXo3sVAV2NVNj2G8meX4o-FDdPDm4BK1UwXIqYRg4lItSOWVjKhABgo5U0ArciphPzGd9uuCgwG1W7DvvUCixr9bP4GxBvioQ4N5fwd9WrP3118gkeJDolaiNjEcugvVW2gs_nl65o-E28SKYmvkytkKROfubfYkdA
91.235.133.106200 OK 81 B URL HTTP/1.1 afp.intuit.com/zF6AE1qrev2LYMo4?2ce1b80f4197b65c=m1kZJVdbzYzuHXo3sVAV2NVNj2G8meX4o-FDdPDm4BK1UwXIqYRg4lItSOWVjKhABgo5U0ArciphPzGd9uuCgwG1W7DvvUCixr9bP4GxBvioQ4N5fwd9WrP3118gkeJDolaiNjEcugvVW2gs_nl65o-E28SKYmvkytkKROfubfYkdA
IP 91.235.133.106:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /zF6AE1qrev2LYMo4?2ce1b80f4197b65c=m1kZJVdbzYzuHXo3sVAV2NVNj2G8meX4o-FDdPDm4BK1UwXIqYRg4lItSOWVjKhABgo5U0ArciphPzGd9uuCgwG1W7DvvUCixr9bP4GxBvioQ4N5fwd9WrP3118gkeJDolaiNjEcugvVW2gs_nl65o-E28SKYmvkytkKROfubfYkdA HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
afp.intuit.com/LjzZMubdWZe0DFgE?8e8687ebe43c95b5=pcmrWnUhDp596IdOvKl2ROpY7en8OgenV03qgIPSdXO0iGyk-gO72Se3es_raZGiYdNmKbrSK2Q3dZi_urRkj1m4AppEIqwJg_IexPGZAG8VKR2Qm1-1NXIwP9bKxAUa32J1_mL1TrUoxOCm4f0zbKhIo_WXQer-AiyUdVaX1qL27w
91.235.133.106200 OK 81 B URL HTTP/1.1 afp.intuit.com/LjzZMubdWZe0DFgE?8e8687ebe43c95b5=pcmrWnUhDp596IdOvKl2ROpY7en8OgenV03qgIPSdXO0iGyk-gO72Se3es_raZGiYdNmKbrSK2Q3dZi_urRkj1m4AppEIqwJg_IexPGZAG8VKR2Qm1-1NXIwP9bKxAUa32J1_mL1TrUoxOCm4f0zbKhIo_WXQer-AiyUdVaX1qL27w
IP 91.235.133.106:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /LjzZMubdWZe0DFgE?8e8687ebe43c95b5=pcmrWnUhDp596IdOvKl2ROpY7en8OgenV03qgIPSdXO0iGyk-gO72Se3es_raZGiYdNmKbrSK2Q3dZi_urRkj1m4AppEIqwJg_IexPGZAG8VKR2Qm1-1NXIwP9bKxAUa32J1_mL1TrUoxOCm4f0zbKhIo_WXQer-AiyUdVaX1qL27w HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
afp.intuit.com/1TPK0EMA5JxcEp3N?11d0b0bc0de427b3=gOjCCbQQmcJAk4KLaHJi4YdJgLNamwrzS704hh9UcoWTtkLBPefOw5n-RgWkOTwkPi7gxaUS7Bsz5xLXmnftx71lLaIkGYGbIFg8xu-hO8l0FvuWMGac1uurw3IRAMwYL1eVtJzsM9_dj7XjtLB3npxi8Mw9d1tx3cY0mnIAQTMmP7k1bsBnS_uAnzD_LXfnBNqz9O1bFCttzD9MYvnWwHo&jb=353224246a736d753f4c6b667570246a73673d44696c757a266a7160753f46697265646d78266873603d4461726d646f782d3238313235
91.235.133.106200 OK 85 kB URL HTTP/1.1 afp.intuit.com/1TPK0EMA5JxcEp3N?11d0b0bc0de427b3=gOjCCbQQmcJAk4KLaHJi4YdJgLNamwrzS704hh9UcoWTtkLBPefOw5n-RgWkOTwkPi7gxaUS7Bsz5xLXmnftx71lLaIkGYGbIFg8xu-hO8l0FvuWMGac1uurw3IRAMwYL1eVtJzsM9_dj7XjtLB3npxi8Mw9d1tx3cY0mnIAQTMmP7k1bsBnS_uAnzD_LXfnBNqz9O1bFCttzD9MYvnWwHo&jb=353224246a736d753f4c6b667570246a73673d44696c757a266a7160753f46697265646d78266873603d4461726d646f782d3238313235
IP 91.235.133.106:0
File type ASCII text, with very long lines (4561)
Hash 7052fe03d16d2ca09ec1c78fc72d889c
b469d41086429341683038648bbf8421d92ffe56
f0e93c1328659c36547247a6bde524b666817849052f6e5e92b88c0537166a09
GET /1TPK0EMA5JxcEp3N?11d0b0bc0de427b3=gOjCCbQQmcJAk4KLaHJi4YdJgLNamwrzS704hh9UcoWTtkLBPefOw5n-RgWkOTwkPi7gxaUS7Bsz5xLXmnftx71lLaIkGYGbIFg8xu-hO8l0FvuWMGac1uurw3IRAMwYL1eVtJzsM9_dj7XjtLB3npxi8Mw9d1tx3cY0mnIAQTMmP7k1bsBnS_uAnzD_LXfnBNqz9O1bFCttzD9MYvnWwHo&jb=353224246a736d753f4c6b667570246a73673d44696c757a266a7160753f46697265646d78266873603d4461726d646f782d3238313235 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 11e8bc785af17497
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76200 OK 220 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash c786391e51f8bf3af24bcd2ca4fe3c29
7285f4534bb53da352c7184866dafcf78541d923
63248870b5f3dea4be65ae512e3c26f3af83123311321009585b23a2ee9f8f0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:45 GMT
age: 80668
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
afp.intuit.com/f-lVkKO-x-zJZC3F?e2c9bd8c3acc7ed9=plCIh1P4zz9E7AV-JtcRxt1ywG9OfOyXYl_npEzcPWWYx4Is0ZUzyfft33Q6AjazwfyOFzJBoRx3ZgvW07vwL4yRTmbNTQ3KDWmVAD7rRb2Z-r654sgsjICGomd8dd7YSFt3bJyTUbnNHYECSVGXMg&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
91.235.133.106200 OK 5.9 kB URL HTTP/1.1 afp.intuit.com/f-lVkKO-x-zJZC3F?e2c9bd8c3acc7ed9=plCIh1P4zz9E7AV-JtcRxt1ywG9OfOyXYl_npEzcPWWYx4Is0ZUzyfft33Q6AjazwfyOFzJBoRx3ZgvW07vwL4yRTmbNTQ3KDWmVAD7rRb2Z-r654sgsjICGomd8dd7YSFt3bJyTUbnNHYECSVGXMg&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
IP 91.235.133.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (304), with CRLF, LF line terminators
Hash 88932c8286b3822d934ade28af3b284a
9e0f324055230cbcf51984c45b79637a6a83b0a0
c0b9599a9856c50c7e4162dede395e965bc7c1bd627152a126a1fe81f5c2520e
GET /f-lVkKO-x-zJZC3F?e2c9bd8c3acc7ed9=plCIh1P4zz9E7AV-JtcRxt1ywG9OfOyXYl_npEzcPWWYx4Is0ZUzyfft33Q6AjazwfyOFzJBoRx3ZgvW07vwL4yRTmbNTQ3KDWmVAD7rRb2Z-r654sgsjICGomd8dd7YSFt3bJyTUbnNHYECSVGXMg&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy: frame-src 'self'; connect-src 'self'; default-src 'none'; script-src 'self' 'unsafe-inline'; img-src *; style-src 'self' 'unsafe-inline'
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5910
Keep-Alive: timeout=2, max=99
turbotax.demdex.net/dest5.html?d_nsid=5
52.49.9.98200 OK 2.8 kB URL HTTP/1.1 turbotax.demdex.net/dest5.html?d_nsid=5
IP 52.49.9.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=5 HTTP/1.1
Host: turbotax.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 31 Jan 2023 20:09:15 GMT
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: kCZ2aREYTiU=
Content-Length: 2791
Connection: keep-alive
afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jb=3336246e73613f373a373a3b333d6730376b313c37353360303661303734363633376064333736
91.235.133.106204 No Content 0 B URL HTTP/1.1 afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jb=3336246e73613f373a373a3b333d6730376b313c37353360303661303734363633376064333736
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jb=3336246e73613f373a373a3b333d6730376b313c37353360303661303734363633376064333736 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
collection.decibelinsight.net/i/13878/337541/c.json
18.198.123.242200 OK 6.0 kB URL HTTP/2 collection.decibelinsight.net/i/13878/337541/c.json
IP 18.198.123.242:0
File type JSON data\012- HTML document, ASCII text, with very long lines (9388), with no line terminators
Hash f554cbdf57aaef2f58977fcfcdc14a40
70af3d059d9e3777232186dbcd65aa47059abcc2
0187e67d1018441bd3ace884b51d16bc68f59744d712acb4d33207d9334d5c56
GET /i/13878/337541/c.json HTTP/1.1
Host: collection.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:09:15 GMT
content-type: application/json
cache-control: private, max-age=1800
set-cookie: da_lid=-4A27C1BF9A7FEA1044F7BB99F05D40B3AF|0|0|0; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=31536000; HttpOnly; SameSite=None; Secure
da_sid=7914F28C8E3FAE8BD1A6AA13B25F0AB81C|3|0|3; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=1800; HttpOnly; SameSite=None; Secure
etag: W/000111138-1860972AA28
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
access-control-allow-origin: https://intuit.connect.com.do
access-control-allow-credentials: true
vary: Origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
collection.decibelinsight.net/i/13878/337541/c.json
18.198.123.242200 OK 20 kB URL HTTP/2 collection.decibelinsight.net/i/13878/337541/c.json
IP 18.198.123.242:0
File type JSON data\012- HTML document, ASCII text, with very long lines (15506)
Hash e8f3fc0596132a9653f708cb71fea282
15e2781f28b06f6c9b5e2c85b707b2078aa1aa75
944cf3ad477dd5588672c20561c3e9269329553266bbabb68115fa6fd4a7d4ba
GET /i/13878/337541/c.json HTTP/1.1
Host: collection.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:09:15 GMT
content-type: application/json
cache-control: private, max-age=1800
set-cookie: da_lid=-4A27C1BF9A7FEA1044F5BB99F05D40B399|0|0|0; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=31536000; HttpOnly; SameSite=None; Secure
da_sid=7914F28C8E3FAE8BD1A4AA13B25F0AB82A|3|0|3; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=1800; HttpOnly; SameSite=None; Secure
etag: W/000111136-1860972AA1E
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
access-control-allow-origin: https://intuit.connect.com.do
access-control-allow-credentials: true
vary: Origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
afp.intuit.com/tuxiQk7Ms7-8eYCC?1e7f665b260e7512=Mt9VR9YdoQM3WMnHml06NBE6GMwxxE90P-5Pjzx9nhrfYQCOlUo-SWRf2iN_pYYO6dDo9u_vAW7Xby-YHrsWvXZO7efRNQ15NxiUx_9xKzf-fU0PwbgC3Ru_MfgQ_bszVbLySQ6bWFEM3CavpZR8I-acEtM1Dy2W93kxB253w3qv3cIh5HrZxeGZeNFNa5sFbYTxJgOXHaJ9ypM6O9tRV_DX--E
91.235.133.106200 OK 13 kB URL HTTP/1.1 afp.intuit.com/tuxiQk7Ms7-8eYCC?1e7f665b260e7512=Mt9VR9YdoQM3WMnHml06NBE6GMwxxE90P-5Pjzx9nhrfYQCOlUo-SWRf2iN_pYYO6dDo9u_vAW7Xby-YHrsWvXZO7efRNQ15NxiUx_9xKzf-fU0PwbgC3Ru_MfgQ_bszVbLySQ6bWFEM3CavpZR8I-acEtM1Dy2W93kxB253w3qv3cIh5HrZxeGZeNFNa5sFbYTxJgOXHaJ9ypM6O9tRV_DX--E
IP 91.235.133.106:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash f90298556f1e6e8e54cb89404d174635
bfe7594264f46dd5d910ef89e8faa350e8fdd526
5dd5bd3f53a3f9ead1326efd325ac1a622affc581bdbf9e58736d80bbd6b2a8d
GET /tuxiQk7Ms7-8eYCC?1e7f665b260e7512=Mt9VR9YdoQM3WMnHml06NBE6GMwxxE90P-5Pjzx9nhrfYQCOlUo-SWRf2iN_pYYO6dDo9u_vAW7Xby-YHrsWvXZO7efRNQ15NxiUx_9xKzf-fU0PwbgC3Ru_MfgQ_bszVbLySQ6bWFEM3CavpZR8I-acEtM1Dy2W93kxB253w3qv3cIh5HrZxeGZeNFNa5sFbYTxJgOXHaJ9ypM6O9tRV_DX--E HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy: frame-src 'self'; connect-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' ; style-src 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&ja=3637302426633f30247a3f38266e3f3132303070313232362661643f3130383078313232322671787b3d3270302e667072353124313038322c313230342e313238302e333030302c33323a382c3131392c393230302e313232342e322c32267363643f3034266e683f68767c707b2733412d324e2530466b6e74776b742c636f6e6e6761742e616f6f2e6667253a4425334e545a414c534343544b4d4e5d49442533464c7835462d30424e3f333a3344512e647a3d24686a3d6237603830346438373363306435373262673830383561346e663f66666664622668716f3f4c696e757a246a73603d4469706d66677a253238313835246a716f753f4e696c7578266a7160753d446970656467782e6c686335313e266c6d76703d32247478643d555441246d617668703d3030393e6038386b303f656061366466633a626338613639333b6436616363323239633d34653130326930633966393463633436306433343634623564343b3024783d786e7567616e57666e61716825374766636c736521726e75676b6e5d776b66646775735f65656c69635f726c617b677227354566616e716521726c77676b665f69666f626d5f6963706f60617427374564616c736523726c7565696c5f737d696b69746965652d354766636c736723706e7567696e5d71686f616b7561746d253d47666164736d21726c7767696c5d7267616c706c637b6572273547666364736d23706c7d67616e5d766e635f726e617b657225354764616c716523706e7d67616c5f646d76696c747227354564636c716521706c7765696e5d7374675d7e696d7565722d354d66636c716521726e7565696e5f6a63746125374564616e7b652e61636435313e303a37332664643f643a306435346735313135313638616c64303530323c386b38636563333537326364613133393b63&jb=313131246c713f4d6d7a6b646c692732463d2e382530302a57696c666f75732532304c5625323231322e322d334a2732305f696636362531422530327834342533422730307274253141333835263229253a304f65616b6d2532443030333030313033273230446970656467782d30463138352630
91.235.133.106204 204 0 B URL HTTP/1.1 afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&ja=3637302426633f30247a3f38266e3f3132303070313232362661643f3130383078313232322671787b3d3270302e667072353124313038322c313230342e313238302e333030302c33323a382c3131392c393230302e313232342e322c32267363643f3034266e683f68767c707b2733412d324e2530466b6e74776b742c636f6e6e6761742e616f6f2e6667253a4425334e545a414c534343544b4d4e5d49442533464c7835462d30424e3f333a3344512e647a3d24686a3d6237603830346438373363306435373262673830383561346e663f66666664622668716f3f4c696e757a246a73603d4469706d66677a253238313835246a716f753f4e696c7578266a7160753d446970656467782e6c686335313e266c6d76703d32247478643d555441246d617668703d3030393e6038386b303f656061366466633a626338613639333b6436616363323239633d34653130326930633966393463633436306433343634623564343b3024783d786e7567616e57666e61716825374766636c736521726e75676b6e5d776b66646775735f65656c69635f726c617b677227354566616e716521726c77676b665f69666f626d5f6963706f60617427374564616c736523726c7565696c5f737d696b69746965652d354766636c736723706e7567696e5d71686f616b7561746d253d47666164736d21726c7767696c5d7267616c706c637b6572273547666364736d23706c7d67616e5d766e635f726e617b657225354764616c716523706e7d67616c5f646d76696c747227354564636c716521706c7765696e5d7374675d7e696d7565722d354d66636c716521726e7565696e5f6a63746125374564616e7b652e61636435313e303a37332664643f643a306435346735313135313638616c64303530323c386b38636563333537326364613133393b63&jb=313131246c713f4d6d7a6b646c692732463d2e382530302a57696c666f75732532304c5625323231322e322d334a2732305f696636362531422530327834342533422730307274253141333835263229253a304f65616b6d2532443030333030313033273230446970656467782d30463138352630
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&ja=3637302426633f30247a3f38266e3f3132303070313232362661643f3130383078313232322671787b3d3270302e667072353124313038322c313230342e313238302e333030302c33323a382c3131392c393230302e313232342e322c32267363643f3034266e683f68767c707b2733412d324e2530466b6e74776b742c636f6e6e6761742e616f6f2e6667253a4425334e545a414c534343544b4d4e5d49442533464c7835462d30424e3f333a3344512e647a3d24686a3d6237603830346438373363306435373262673830383561346e663f66666664622668716f3f4c696e757a246a73603d4469706d66677a253238313835246a716f753f4e696c7578266a7160753d446970656467782e6c686335313e266c6d76703d32247478643d555441246d617668703d3030393e6038386b303f656061366466633a626338613639333b6436616363323239633d34653130326930633966393463633436306433343634623564343b3024783d786e7567616e57666e61716825374766636c736521726e75676b6e5d776b66646775735f65656c69635f726c617b677227354566616e716521726c77676b665f69666f626d5f6963706f60617427374564616c736523726c7565696c5f737d696b69746965652d354766636c736723706e7567696e5d71686f616b7561746d253d47666164736d21726c7767696c5d7267616c706c637b6572273547666364736d23706c7d67616e5d766e635f726e617b657225354764616c716523706e7d67616c5f646d76696c747227354564636c716521706c7765696e5d7374675d7e696d7565722d354d66636c716521726e7565696e5f6a63746125374564616e7b652e61636435313e303a37332664643f643a306435346735313135313638616c64303530323c386b38636563333537326364613133393b63&jb=313131246c713f4d6d7a6b646c692732463d2e382530302a57696c666f75732532304c5625323231322e322d334a2732305f696636362531422530327834342533422730307274253141333835263229253a304f65616b6d2532443030333030313033273230446970656467782d30463138352630 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
afp.intuit.com/fp/clear.png
91.235.133.106200 OK 81 B URL HTTP/1.1 afp.intuit.com/fp/clear.png
IP 91.235.133.106:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*, v60nf4oj/11e8bc785af17497eefc0eb43129486ee9181b4214bb4bde
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Jan 2023 20:09:15 GMT
Expires: Sun, 30 Jan 2028 20:09:15 GMT
Etag: 376195a7a14b45bba85be60188f4c950
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://intuit.connect.com.do
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
afp.intuit.com/p20B-8JVUeN039DH?fc5df7374d4131c7=qPysVUQqy3QgGlZne_m17sj834Z8wOEVyb-zB3kSonJVPlLVgaqjWykAvC8E7k7iW5vmjEk6dlk5Uu9-VpgLsIb-6LxWL0CcJQBv7IE-MeYUn7m2u59p4NBiIj9P9AyszE6L8rrwse9sDDdLDat18u6moLMDTG2ULmAr5Vg
91.235.133.106200 OK 30 kB URL HTTP/1.1 afp.intuit.com/p20B-8JVUeN039DH?fc5df7374d4131c7=qPysVUQqy3QgGlZne_m17sj834Z8wOEVyb-zB3kSonJVPlLVgaqjWykAvC8E7k7iW5vmjEk6dlk5Uu9-VpgLsIb-6LxWL0CcJQBv7IE-MeYUn7m2u59p4NBiIj9P9AyszE6L8rrwse9sDDdLDat18u6moLMDTG2ULmAr5Vg
IP 91.235.133.106:0
File type ASCII text, with very long lines (15506)
Hash 4821beeb17dfee3a1be5f484e7f4b18b
e6cccffe724e012ac5495b0aad2a872607b0c745
2b32620d22b32770bab07f29a7a6b3b9b0fc23e7a7a04cfe0ebcc90e48a2dcbc
GET /p20B-8JVUeN039DH?fc5df7374d4131c7=qPysVUQqy3QgGlZne_m17sj834Z8wOEVyb-zB3kSonJVPlLVgaqjWykAvC8E7k7iW5vmjEk6dlk5Uu9-VpgLsIb-6LxWL0CcJQBv7IE-MeYUn7m2u59p4NBiIj9P9AyszE6L8rrwse9sDDdLDat18u6moLMDTG2ULmAr5Vg HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afp.intuit.com/f-lVkKO-x-zJZC3F?e2c9bd8c3acc7ed9=plCIh1P4zz9E7AV-JtcRxt1ywG9OfOyXYl_npEzcPWWYx4Is0ZUzyfft33Q6AjazwfyOFzJBoRx3ZgvW07vwL4yRTmbNTQ3KDWmVAD7rRb2Z-r654sgsjICGomd8dd7YSFt3bJyTUbnNHYECSVGXMg&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 11e8bc785af17497
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
ocsp.securetrust.com/
23.36.79.25200 OK 638 B IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash 80c6e1899e53973f879eb12c6d2f3964
1b5344d390a43b401fd80fb4d5454783cff6caee
b8ce8a11ac31422969286c126b044186689ce8fb8240d476367ab8200be0a72f
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Tue, 31 Jan 2023 20:09:15 GMT
Connection: keep-alive
v60nf4oj36374dxbt54hxgfxvlc4mbofvrtsh3y711e8bc785af17497am1.e.aa.online-metrix.net/WaWZzZb3bd2SGk-z?af34fbf38be94e55=NniLcyi91ZymKcckZtuVA2ISBWueS0FExKXdRhkG3LZ4N0nD00G-5cP0Ubp-LX2hclCSDNXDTwWQZbnlzLG9n9Lx40MPvYJdNo4xyiz9z-Kb6XKE-4nhRTmDVrl_VCEXsBRagkdWpOBlKuyDCu1-8SavAzCCo3nA0Xqdb70gQTI
91.235.134.131200 OK 81 B URL HTTP/1.1 v60nf4oj36374dxbt54hxgfxvlc4mbofvrtsh3y711e8bc785af17497am1.e.aa.online-metrix.net/WaWZzZb3bd2SGk-z?af34fbf38be94e55=NniLcyi91ZymKcckZtuVA2ISBWueS0FExKXdRhkG3LZ4N0nD00G-5cP0Ubp-LX2hclCSDNXDTwWQZbnlzLG9n9Lx40MPvYJdNo4xyiz9z-Kb6XKE-4nhRTmDVrl_VCEXsBRagkdWpOBlKuyDCu1-8SavAzCCo3nA0Xqdb70gQTI
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /WaWZzZb3bd2SGk-z?af34fbf38be94e55=NniLcyi91ZymKcckZtuVA2ISBWueS0FExKXdRhkG3LZ4N0nD00G-5cP0Ubp-LX2hclCSDNXDTwWQZbnlzLG9n9Lx40MPvYJdNo4xyiz9z-Kb6XKE-4nhRTmDVrl_VCEXsBRagkdWpOBlKuyDCu1-8SavAzCCo3nA0Xqdb70gQTI HTTP/1.1
Host: v60nf4oj36374dxbt54hxgfxvlc4mbofvrtsh3y711e8bc785af17497am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
afp.intuit.com/-8gLlkTrT3uT0sX2?e23a9193a4cd666a=DmuRM0C1NQval4YiCvvyJ_Eu7uS9zzWV4fH7pyRZOCSHBXvQjjt3_OkyIiR8IG0XKpXI-1YX9od5FuMwhqlBGKGBCMyB40XIdWUzUz7DQhPl7nwFQ73N8_Nm-zwuSp8v18AZdN-sqP6M_JpnvnEgFSUK6gLqZN4udQ&jf=3336246e73623f303235616c303e3664346e323c6334313a36343a64346330306262673a376430
91.235.133.106204 No Content 0 B URL HTTP/1.1 afp.intuit.com/-8gLlkTrT3uT0sX2?e23a9193a4cd666a=DmuRM0C1NQval4YiCvvyJ_Eu7uS9zzWV4fH7pyRZOCSHBXvQjjt3_OkyIiR8IG0XKpXI-1YX9od5FuMwhqlBGKGBCMyB40XIdWUzUz7DQhPl7nwFQ73N8_Nm-zwuSp8v18AZdN-sqP6M_JpnvnEgFSUK6gLqZN4udQ&jf=3336246e73623f303235616c303e3664346e323c6334313a36343a64346330306262673a376430
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /-8gLlkTrT3uT0sX2?e23a9193a4cd666a=DmuRM0C1NQval4YiCvvyJ_Eu7uS9zzWV4fH7pyRZOCSHBXvQjjt3_OkyIiR8IG0XKpXI-1YX9od5FuMwhqlBGKGBCMyB40XIdWUzUz7DQhPl7nwFQ73N8_Nm-zwuSp8v18AZdN-sqP6M_JpnvnEgFSUK6gLqZN4udQ&jf=3336246e73623f303235616c303e3664346e323c6334313a36343a64346330306262673a376430 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afp.intuit.com/aDwTjdPyf2pmvc-D?e06d1d6f76b2defc=E5q2FAg9o7DQvtXMqFVvc6Mzhqumu3i-eh2pA9AbZpdSp0T3GD9YPoDmYR2tJz6h1UlLh7uIAh_qrC6Wr87BgkSoawYIpYhhKP9PBITRMrDnRGQ3Jc4GnkzZPCJnnAmXI5dCz0ZbEd8SdtlDrjkZ7mzIbkRlXXPENXCXtgXAvHeDINSB9n7_umBAtLF1C9XAp8Wq9J9uBI8lsyOZl6LB_ypz3A
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
afp.intuit.com/HJICacJiyKOvcSAF?fc32dd85dee54bf2=IPR5U77rbm3jpGwjwMo3gChIhWoMthHkMyL4Gx3crKJ0PkKf-ZHpmvvlDF3i-j6IzN8apy0yEz-MMn8myksetAlxY2QmUnBuDozWCDNHpbphiWGkQaQbw6bChialRGTb5RpaFny8Ce-gTb-jFDVW65ApfBl2&fr
91.235.133.106200 OK 159 B URL HTTP/1.1 afp.intuit.com/HJICacJiyKOvcSAF?fc32dd85dee54bf2=IPR5U77rbm3jpGwjwMo3gChIhWoMthHkMyL4Gx3crKJ0PkKf-ZHpmvvlDF3i-j6IzN8apy0yEz-MMn8myksetAlxY2QmUnBuDozWCDNHpbphiWGkQaQbw6bChialRGTb5RpaFny8Ce-gTb-jFDVW65ApfBl2&fr
IP 91.235.133.106:0
File type ASCII text, with no line terminators
Hash 0ec873f2ef5ca4b2487c0f2f731f7466
921e156ad870a4636bd65c42911038d8204fa4eb
e4c430824fc77e999c4f5d705592cb812e8cdbb899ce07a275978a1cef889f64
GET /HJICacJiyKOvcSAF?fc32dd85dee54bf2=IPR5U77rbm3jpGwjwMo3gChIhWoMthHkMyL4Gx3crKJ0PkKf-ZHpmvvlDF3i-j6IzN8apy0yEz-MMn8myksetAlxY2QmUnBuDozWCDNHpbphiWGkQaQbw6bChialRGTb5RpaFny8Ce-gTb-jFDVW65ApfBl2&fr HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afp.intuit.com/aDwTjdPyf2pmvc-D?e06d1d6f76b2defc=E5q2FAg9o7DQvtXMqFVvc6Mzhqumu3i-eh2pA9AbZpdSp0T3GD9YPoDmYR2tJz6h1UlLh7uIAh_qrC6Wr87BgkSoawYIpYhhKP9PBITRMrDnRGQ3Jc4GnkzZPCJnnAmXI5dCz0ZbEd8SdtlDrjkZ7mzIbkRlXXPENXCXtgXAvHeDINSB9n7_umBAtLF1C9XAp8Wq9J9uBI8lsyOZl6LB_ypz3A
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
afp.intuit.com/FKGoJAIDz8H6GSmz?8c1280a6d157c070=ugs0EO-4osNt__Ufe_GmI1ah6E6K1rsj9GV6Hu9-8A9xjzT8SzBSXygbLIGwHlKHZtivfDUwj98TbRP0eT5H0OHliH83xz8xHqTqlAI4hhm5-Z9TeY1xRvXDrF142YR7QSzCgO435rTrnkPrUKTQPrSs2Qcn3YfNIHp2uNT-xBOE4iDlFVUr7gh2TOw_QqhvHGLJJFxONLhPaobICItVnL7thQ&jf=343134247369665f706e6635746c705f495e783e55704161574f6e6b4677544a26736b665f646374673d333e373d3339353f373b267169665f747b72653f7765623a676164736326716966576b6d7b3d3338353133323131303632353263383634386167336432323231323e30303061383e343063673366303332333035303334323232303461363466326b613a30323239366a343b333162613b35353b346131303033636164346061343832393663333f343e343139366232303a3537396234383064356336393461306c323f64376631373f3532353735613b603632323564303767363263313b65613e643b6039336d623c623a6231323966636536353433373a3a393524736b645d7b696f3f33303c35383230303332336161636039363137313432343a666062323a31393738363a333c66366661666634633364353736336633376234663237353e393a6439646e306a3234343232323332303b3138613161363539376164626669313a3732353e66386463663736393b36336736663639333763663a303a613b38326d3566366c656a31346466663631673124736966723f32
91.235.133.106204 204 0 B URL HTTP/1.1 afp.intuit.com/FKGoJAIDz8H6GSmz?8c1280a6d157c070=ugs0EO-4osNt__Ufe_GmI1ah6E6K1rsj9GV6Hu9-8A9xjzT8SzBSXygbLIGwHlKHZtivfDUwj98TbRP0eT5H0OHliH83xz8xHqTqlAI4hhm5-Z9TeY1xRvXDrF142YR7QSzCgO435rTrnkPrUKTQPrSs2Qcn3YfNIHp2uNT-xBOE4iDlFVUr7gh2TOw_QqhvHGLJJFxONLhPaobICItVnL7thQ&jf=343134247369665f706e6635746c705f495e783e55704161574f6e6b4677544a26736b665f646374673d333e373d3339353f373b267169665f747b72653f7765623a676164736326716966576b6d7b3d3338353133323131303632353263383634386167336432323231323e30303061383e343063673366303332333035303334323232303461363466326b613a30323239366a343b333162613b35353b346131303033636164346061343832393663333f343e343139366232303a3537396234383064356336393461306c323f64376631373f3532353735613b603632323564303767363263313b65613e643b6039336d623c623a6231323966636536353433373a3a393524736b645d7b696f3f33303c35383230303332336161636039363137313432343a666062323a31393738363a333c66366661666634633364353736336633376234663237353e393a6439646e306a3234343232323332303b3138613161363539376164626669313a3732353e66386463663736393b36336736663639333763663a303a613b38326d3566366c656a31346466663631673124736966723f32
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FKGoJAIDz8H6GSmz?8c1280a6d157c070=ugs0EO-4osNt__Ufe_GmI1ah6E6K1rsj9GV6Hu9-8A9xjzT8SzBSXygbLIGwHlKHZtivfDUwj98TbRP0eT5H0OHliH83xz8xHqTqlAI4hhm5-Z9TeY1xRvXDrF142YR7QSzCgO435rTrnkPrUKTQPrSs2Qcn3YfNIHp2uNT-xBOE4iDlFVUr7gh2TOw_QqhvHGLJJFxONLhPaobICItVnL7thQ&jf=343134247369665f706e6635746c705f495e783e55704161574f6e6b4677544a26736b665f646374673d333e373d3339353f373b267169665f747b72653f7765623a676164736326716966576b6d7b3d3338353133323131303632353263383634386167336432323231323e30303061383e343063673366303332333035303334323232303461363466326b613a30323239366a343b333162613b35353b346131303033636164346061343832393663333f343e343139366232303a3537396234383064356336393461306c323f64376631373f3532353735613b603632323564303767363263313b65613e643b6039336d623c623a6231323966636536353433373a3a393524736b645d7b696f3f33303c35383230303332336161636039363137313432343a666062323a31393738363a333c66366661666634633364353736336633376234663237353e393a6439646e306a3234343232323332303b3138613161363539376164626669313a3732353e66386463663736393b36336736663639333763663a303a613b38326d3566366c656a31346466663631673124736966723f32 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=98
afp.intuit.com/axIKrSnJSPqBjVuk?7cd6f93f8d67fa25=MaDlgzkkEpP9xcN4ahMg_WMF3l1BhtaI-J8P0ctLC9LaB2C8sNysqCazv8rbHB7DjD7B0G_jyjdUJG5uT84SFeo9KUNiz6F8NZZatIPGqP072YTR5zILwazI5XBqmUraUZefYKBieorPJy6bWpLCL4zB2BPD0zkeuaJA5QbYIVZnxZmHMicC4tu-Hi8qllFZJ-3PDWzDHnLMMXsitoKhFA&sera_parametere=V0FYWgQHBgACBVNTAwEJUQIEUA9RUAMAB1EHAFIGXABVBFMKUQYGDwVWBBdERwReX0EQTBFGBHwQViQUAHAcBQFbFl0OBlpdWxUVFARwHABzAUAPJkYFCF0OFUVEEQpzFAYnHVUnEVxcXAUJAgNfVFUHUF0HUQQMAFFfCAFWWwEFU1AMV1cOW1FRAFJRDAkFUwZDVg0NVF0IUFdUD1ZaAAkEBF5TVAMBAkcMQgoEQVJVV1EOUQdRDARYXlQPAghSUAFdXlVbBAhTBFMDDgANAFRUB1xVV1MeVAhbAA8FARFYWFgVU0VHUQhYXwgODB9fWgxDWl8lXkpQBwlJEVZPCgABUB4ADEQFeQgIRE8SWlUMRQFCPQBWVFkDB1JcElxDDAlR&count=0&max=0
91.235.133.106200 OK 61 B URL HTTP/1.1 afp.intuit.com/axIKrSnJSPqBjVuk?7cd6f93f8d67fa25=MaDlgzkkEpP9xcN4ahMg_WMF3l1BhtaI-J8P0ctLC9LaB2C8sNysqCazv8rbHB7DjD7B0G_jyjdUJG5uT84SFeo9KUNiz6F8NZZatIPGqP072YTR5zILwazI5XBqmUraUZefYKBieorPJy6bWpLCL4zB2BPD0zkeuaJA5QbYIVZnxZmHMicC4tu-Hi8qllFZJ-3PDWzDHnLMMXsitoKhFA&sera_parametere=V0FYWgQHBgACBVNTAwEJUQIEUA9RUAMAB1EHAFIGXABVBFMKUQYGDwVWBBdERwReX0EQTBFGBHwQViQUAHAcBQFbFl0OBlpdWxUVFARwHABzAUAPJkYFCF0OFUVEEQpzFAYnHVUnEVxcXAUJAgNfVFUHUF0HUQQMAFFfCAFWWwEFU1AMV1cOW1FRAFJRDAkFUwZDVg0NVF0IUFdUD1ZaAAkEBF5TVAMBAkcMQgoEQVJVV1EOUQdRDARYXlQPAghSUAFdXlVbBAhTBFMDDgANAFRUB1xVV1MeVAhbAA8FARFYWFgVU0VHUQhYXwgODB9fWgxDWl8lXkpQBwlJEVZPCgABUB4ADEQFeQgIRE8SWlUMRQFCPQBWVFkDB1JcElxDDAlR&count=0&max=0
IP 91.235.133.106:0
File type ASCII text, with no line terminators
Hash d6eb4209be7eb7c2ea1a2be7e77ad820
f08459d593e8724ffce9ca0228af6f7f60cf5701
687ae04a18d5036cda4c29e8e0913c6ff55ecb87b66d17b1aa901100c643816c
GET /axIKrSnJSPqBjVuk?7cd6f93f8d67fa25=MaDlgzkkEpP9xcN4ahMg_WMF3l1BhtaI-J8P0ctLC9LaB2C8sNysqCazv8rbHB7DjD7B0G_jyjdUJG5uT84SFeo9KUNiz6F8NZZatIPGqP072YTR5zILwazI5XBqmUraUZefYKBieorPJy6bWpLCL4zB2BPD0zkeuaJA5QbYIVZnxZmHMicC4tu-Hi8qllFZJ-3PDWzDHnLMMXsitoKhFA&sera_parametere=V0FYWgQHBgACBVNTAwEJUQIEUA9RUAMAB1EHAFIGXABVBFMKUQYGDwVWBBdERwReX0EQTBFGBHwQViQUAHAcBQFbFl0OBlpdWxUVFARwHABzAUAPJkYFCF0OFUVEEQpzFAYnHVUnEVxcXAUJAgNfVFUHUF0HUQQMAFFfCAFWWwEFU1AMV1cOW1FRAFJRDAkFUwZDVg0NVF0IUFdUD1ZaAAkEBF5TVAMBAkcMQgoEQVJVV1EOUQdRDARYXlQPAghSUAFdXlVbBAhTBFMDDgANAFRUB1xVV1MeVAhbAA8FARFYWFgVU0VHUQhYXwgODB9fWgxDWl8lXkpQBwlJEVZPCgABUB4ADEQFeQgIRE8SWlUMRQFCPQBWVFkDB1JcElxDDAlR&count=0&max=0 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afp.intuit.com/f-lVkKO-x-zJZC3F?e2c9bd8c3acc7ed9=plCIh1P4zz9E7AV-JtcRxt1ywG9OfOyXYl_npEzcPWWYx4Is0ZUzyfft33Q6AjazwfyOFzJBoRx3ZgvW07vwL4yRTmbNTQ3KDWmVAD7rRb2Z-r654sgsjICGomd8dd7YSFt3bJyTUbnNHYECSVGXMg&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=94
Transfer-Encoding: chunked
afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jac=1&je=3132332426706f3d6c6f2469756c6a3d646e353c6237343238303737636635656236323b636367646161373e373a3465633d31383661363a3536303a636739643039353b363631313630303b316c6632266d783b3d66663438656435623237383861643662373b666038646a656a6765336e3569616163663339343630
91.235.133.106204 No Content 0 B URL HTTP/1.1 afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jac=1&je=3132332426706f3d6c6f2469756c6a3d646e353c6237343238303737636635656236323b636367646161373e373a3465633d31383661363a3536303a636739643039353b363631313630303b316c6632266d783b3d66663438656435623237383861643662373b666038646a656a6765336e3569616163663339343630
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jac=1&je=3132332426706f3d6c6f2469756c6a3d646e353c6237343238303737636635656236323b636367646161373e373a3465633d31383661363a3536303a636739643039353b363631313630303b316c6632266d783b3d66663438656435623237383861643662373b666038646a656a6765336e3569616163663339343630 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
afp.intuit.com/_fZ-5_bnUgag7GXK?a216d19fce16958a=2nArU0glcgXx8ACES2-nfwgHfUDsfe4J-gchFkPvwkdueNGkIuBpHrlTMh8kIvFMj_pCA3g2a37JmCtqfPVwp5qysCGRBvW_NOsgLPwhaUFgbzmidbg5kO7m4cyvSinxhw8TQalQZMARTPR-3-SOuSHHIzRH9Tpi8z-aoH8FYCTXk97K_vIbnItU6CQbIp-d4ulHDGGmknAycnnPFBMvcC1LLQ&jac=1&je=31333a24266860643f3a756c5f3938636857303270735f333a706b5d30386c615f31386e6e5f303a72635d383a786a5f30326d615f333a716c5f323863755f313a73745d302c333030342e393230322c30243024302e302e31323a322c333032342c333038302e3132303024323c2e323424313269615f64616c71673a72735f64656463756c762c72726d65707c
91.235.133.106204 204 0 B URL HTTP/1.1 afp.intuit.com/_fZ-5_bnUgag7GXK?a216d19fce16958a=2nArU0glcgXx8ACES2-nfwgHfUDsfe4J-gchFkPvwkdueNGkIuBpHrlTMh8kIvFMj_pCA3g2a37JmCtqfPVwp5qysCGRBvW_NOsgLPwhaUFgbzmidbg5kO7m4cyvSinxhw8TQalQZMARTPR-3-SOuSHHIzRH9Tpi8z-aoH8FYCTXk97K_vIbnItU6CQbIp-d4ulHDGGmknAycnnPFBMvcC1LLQ&jac=1&je=31333a24266860643f3a756c5f3938636857303270735f333a706b5d30386c615f31386e6e5f303a72635d383a786a5f30326d615f333a716c5f323863755f313a73745d302c333030342e393230322c30243024302e302e31323a322c333032342c333038302e3132303024323c2e323424313269615f64616c71673a72735f64656463756c762c72726d65707c
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_fZ-5_bnUgag7GXK?a216d19fce16958a=2nArU0glcgXx8ACES2-nfwgHfUDsfe4J-gchFkPvwkdueNGkIuBpHrlTMh8kIvFMj_pCA3g2a37JmCtqfPVwp5qysCGRBvW_NOsgLPwhaUFgbzmidbg5kO7m4cyvSinxhw8TQalQZMARTPR-3-SOuSHHIzRH9Tpi8z-aoH8FYCTXk97K_vIbnItU6CQbIp-d4ulHDGGmknAycnnPFBMvcC1LLQ&jac=1&je=31333a24266860643f3a756c5f3938636857303270735f333a706b5d30386c615f31386e6e5f303a72635d383a786a5f30326d615f333a716c5f323863755f313a73745d302c333030342e393230322c30243024302e302e31323a322c333032342c333038302e3132303024323c2e323424313269615f64616c71673a72735f64656463756c762c72726d65707c HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 31 Jan 2023 20:09:15 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jac=1&je=3235242477696f3d7565607a746b5d696e7c657a6e636c5d6d646c71
91.235.133.106204 No Content 0 B URL HTTP/1.1 afp.intuit.com/5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jac=1&je=3235242477696f3d7565607a746b5d696e7c657a6e636c5d6d646c71
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5VbtpndwiJQrvEhc?0e0f8c29a08b86fa=hc4_GinGROO2L0WT-Jglt-djQ1wCZYkvPbKowCgTQAdG7SaVTgPHWg_Wgd1CHQD8tuoF9xzbbnSxgdloxiy7nWstfPXxNM800hvmnxuTq4-22QnSbDTaEfZPkHLW9Ny3GKU4vDbGMqfkk4ZQT-A0w8B3ce4_Vbwwzg&jac=1&je=3235242477696f3d7565607a746b5d696e7c657a6e636c5d6d646c71 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 31 Jan 2023 20:09:19 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
afp.intuit.com/_fZ-5_bnUgag7GXK?a216d19fce16958a=2nArU0glcgXx8ACES2-nfwgHfUDsfe4J-gchFkPvwkdueNGkIuBpHrlTMh8kIvFMj_pCA3g2a37JmCtqfPVwp5qysCGRBvW_NOsgLPwhaUFgbzmidbg5kO7m4cyvSinxhw8TQalQZMARTPR-3-SOuSHHIzRH9Tpi8z-aoH8FYCTXk97K_vIbnItU6CQbIp-d4ulHDGGmknAycnnPFBMvcC1LLQ&jac=1&je=31393424267065655d75726c617c673d253f422d323030273232273141273742253230746572273230253149332d3544253a432d323031273232273141273742253230776e6467666b6e676c30382732322d334925374264616c71672530432532324d5254494d4e2732302d324b3625354c253f4427324125323030253032253341273542253032776e666d66616c656438306b68676369626f7a3225303225334127374266636c7165273a432d30326360656b6b606f7a25323027324134253544273544253544
91.235.133.106204 204 0 B URL HTTP/1.1 afp.intuit.com/_fZ-5_bnUgag7GXK?a216d19fce16958a=2nArU0glcgXx8ACES2-nfwgHfUDsfe4J-gchFkPvwkdueNGkIuBpHrlTMh8kIvFMj_pCA3g2a37JmCtqfPVwp5qysCGRBvW_NOsgLPwhaUFgbzmidbg5kO7m4cyvSinxhw8TQalQZMARTPR-3-SOuSHHIzRH9Tpi8z-aoH8FYCTXk97K_vIbnItU6CQbIp-d4ulHDGGmknAycnnPFBMvcC1LLQ&jac=1&je=31393424267065655d75726c617c673d253f422d323030273232273141273742253230746572273230253149332d3544253a432d323031273232273141273742253230776e6467666b6e676c30382732322d334925374264616c71672530432532324d5254494d4e2732302d324b3625354c253f4427324125323030253032253341273542253032776e666d66616c656438306b68676369626f7a3225303225334127374266636c7165273a432d30326360656b6b606f7a25323027324134253544273544253544
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_fZ-5_bnUgag7GXK?a216d19fce16958a=2nArU0glcgXx8ACES2-nfwgHfUDsfe4J-gchFkPvwkdueNGkIuBpHrlTMh8kIvFMj_pCA3g2a37JmCtqfPVwp5qysCGRBvW_NOsgLPwhaUFgbzmidbg5kO7m4cyvSinxhw8TQalQZMARTPR-3-SOuSHHIzRH9Tpi8z-aoH8FYCTXk97K_vIbnItU6CQbIp-d4ulHDGGmknAycnnPFBMvcC1LLQ&jac=1&je=31393424267065655d75726c617c673d253f422d323030273232273141273742253230746572273230253149332d3544253a432d323031273232273141273742253230776e6467666b6e676c30382732322d334925374264616c71672530432532324d5254494d4e2732302d324b3625354c253f4427324125323030253032253341273542253032776e666d66616c656438306b68676369626f7a3225303225334127374266636c7165273a432d30326360656b6b606f7a25323027324134253544273544253544 HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 31 Jan 2023 20:09:19 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
afp.intuit.com/PoLta0GwddJ8VydF?64fed011d700721f=R0s21wpdZjTA0oIELh0oawtmUQH-r_k0dl4uyALiu6h-f-XBCph6OfjNlKZfjnBi6j8eywSF56oITjsl8aaR6q9VGVnDqDssFS9HK9rirgHfwijXPJLVwk-D3_MtldIQgVXfLAbknrH72XrdFfNMzhhie9toeZzQJQ
91.235.133.106204 No Content 0 B URL HTTP/1.1 afp.intuit.com/PoLta0GwddJ8VydF?64fed011d700721f=R0s21wpdZjTA0oIELh0oawtmUQH-r_k0dl4uyALiu6h-f-XBCph6OfjNlKZfjnBi6j8eywSF56oITjsl8aaR6q9VGVnDqDssFS9HK9rirgHfwijXPJLVwk-D3_MtldIQgVXfLAbknrH72XrdFfNMzhhie9toeZzQJQ
IP 91.235.133.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /PoLta0GwddJ8VydF?64fed011d700721f=R0s21wpdZjTA0oIELh0oawtmUQH-r_k0dl4uyALiu6h-f-XBCph6OfjNlKZfjnBi6j8eywSF56oITjsl8aaR6q9VGVnDqDssFS9HK9rirgHfwijXPJLVwk-D3_MtldIQgVXfLAbknrH72XrdFfNMzhhie9toeZzQJQ HTTP/1.1
Host: afp.intuit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://afp.intuit.com
Connection: keep-alive
Referer: https://afp.intuit.com/tuxiQk7Ms7-8eYCC?1e7f665b260e7512=Mt9VR9YdoQM3WMnHml06NBE6GMwxxE90P-5Pjzx9nhrfYQCOlUo-SWRf2iN_pYYO6dDo9u_vAW7Xby-YHrsWvXZO7efRNQ15NxiUx_9xKzf-fU0PwbgC3Ru_MfgQ_bszVbLySQ6bWFEM3CavpZR8I-acEtM1Dy2W93kxB253w3qv3cIh5HrZxeGZeNFNa5sFbYTxJgOXHaJ9ypM6O9tRV_DX--E
Cookie: thx_guid=ac0626f934da70bf1f9b9e8d5512c763; tmx_guid=AAz3pnG_vhfU_WsMtRkS65jEC9BBAKz0y_HgFl9XjcBYr8sumT_K28Vx2yi58pBS6aOJpkLlO9fNQIMkuVlxTFV0BnH8Wg; s_vi=[CS]v1|31ECBAB5042675E4-60000A47A4660C7B[CE]; AMCV_969430F0543F253D0A4C98C6%40AdobeOrg=0%7CMCMID%7C31851492968748358980219663219654269157; s_ecid=MCMID%7C31851492968748358980219663219654269157; ivid=8fd7b3fc-7914-5f3c-9cf4-eb6d8dd1efeb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Tue, 31 Jan 2023 20:09:19 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://afp.intuit.com
Content-Type: text/javascript
plugin.intuitcdn.net/identity-authn-core-ui/scripts/2697-cab434da.js
104.88.1.143200 OK 0 B URL HTTP/2 plugin.intuitcdn.net/identity-authn-core-ui/scripts/2697-cab434da.js
IP 104.88.1.143:0
GET /identity-authn-core-ui/scripts/2697-cab434da.js HTTP/1.1
Host: plugin.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 29689
last-modified: Wed, 27 Apr 2022 17:07:17 GMT
etag: "3539b89b3222e1f3adca81a65fe5ec91"
x-amz-meta-version: 1.388.1-apr.2734.b.7
x-amz-meta-module: identity-authn-core-ui
x-amz-meta-type: plugin
x-amz-meta-slug: identity-authn-core-ui/1.388.1-apr.2734.b.7
x-amz-meta-id: identity-authn-core-ui
accept-ranges: bytes
server: AmazonS3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
x-amz-cf-pop: ORD53-C2
x-amz-cf-id: 0pOYR284cRL5UedZmHa4JgO7hC2nvCNmKYbnbMHzdaaaw9b4WWi2mg==
date: Tue, 31 Jan 2023 20:09:13 GMT
timing-allow-origin: *, *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=31556926, immutable
x-origin-src: uxf
X-Firefox-Spdy: h2
uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib-performance.min.js
54.230.111.98200 OK 0 B URL HTTP/2 uxfabric.intuitcdn.net/analytics/202209072322/track-event-lib-performance.min.js
IP 54.230.111.98:0
GET /analytics/202209072322/track-event-lib-performance.min.js HTTP/1.1
Host: uxfabric.intuitcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 16:22:10 GMT
last-modified: Wed, 07 Sep 2022 23:29:23 GMT
etag: W/"41f96574f309b84d43e60da09113f1d9"
server: AmazonS3
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _8uO9ie8db9wKVizMeU_QJj5E1kEeqO6ZWu2I8HfEh3lViB55aLnlg==
age: 1136823
X-Firefox-Spdy: h2
collection.decibelinsight.net/i/13878/337541/c.json
18.198.123.242200 OK 0 B URL HTTP/2 collection.decibelinsight.net/i/13878/337541/c.json
IP 18.198.123.242:0
GET /i/13878/337541/c.json HTTP/1.1
Host: collection.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:09:15 GMT
content-type: application/json
cache-control: private, max-age=1800
set-cookie: da_lid=-4A27C1BF9A7FEA1044EABB99F05D40B390|0|0|0; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=31536000; HttpOnly; SameSite=None; Secure
da_sid=7914F28C8E3FAE8BD1BBAA13B25F0AB823|3|0|3; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=1800; HttpOnly; SameSite=None; Secure
etag: W/000111135-1860972AA17
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
access-control-allow-origin: https://intuit.connect.com.do
access-control-allow-credentials: true
vary: Origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
collection.decibelinsight.net/i/13878/337541/c.json
18.198.123.242200 OK 0 B URL HTTP/2 collection.decibelinsight.net/i/13878/337541/c.json
IP 18.198.123.242:0
GET /i/13878/337541/c.json HTTP/1.1
Host: collection.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intuit.connect.com.do
Connection: keep-alive
Referer: https://intuit.connect.com.do/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:09:15 GMT
content-type: application/json
cache-control: private, max-age=1800
set-cookie: da_lid=-4A27C1BF9A7FEA1044F4BB99F05D40B3A6|0|0|0; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=31536000; HttpOnly; SameSite=None; Secure
da_sid=7914F28C8E3FAE8BD1A5AA13B25F0AB815|3|0|3; Path=/i/13878/; Domain=.decibelinsight.net; Max-Age=1800; HttpOnly; SameSite=None; Secure
etag: W/000111137-1860972AA21
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
access-control-allow-origin: https://intuit.connect.com.do
access-control-allow-credentials: true
vary: Origin
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2