tracking.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
178.33.101.212301 Moved Permanently 169 B URL HTTP/1.1 tracking.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
IP 178.33.101.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da HTTP/1.1
Host: tracking.mysticvalleysupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Sat, 10 Dec 2022 06:07:49 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://tracking.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8741
Expires: Sat, 10 Dec 2022 08:33:30 GMT
Date: Sat, 10 Dec 2022 06:07:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2806
Expires: Sat, 10 Dec 2022 06:54:35 GMT
Date: Sat, 10 Dec 2022 06:07:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 05:33:19 GMT
content-type: application/json
age: 2070
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2245
Expires: Sat, 10 Dec 2022 06:45:14 GMT
Date: Sat, 10 Dec 2022 06:07:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gBwivvUYTOMpvChxlfT1ERrki90zk6v88iAdJ5h8b7+bx+Vt+T5Gt188191mwg0TXzY0Vuu4MKo=
x-amz-request-id: A5JS1CGRRGB3R40T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 05:50:33 GMT
age: 1036
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:07:49 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bc09357930b6f33cee8b00af2c7bd596
752bd3ee5fde86627972867d4d9e0ffc17c213a0
ee16c74285d42e498dede55851fd9835ff798fe627076b386a35b71ca4cfe447
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE16C74285D42E498DEDE55851FD9835FF798FE627076B386A35B71CA4CFE447"
Last-Modified: Sat, 10 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sat, 10 Dec 2022 12:06:51 GMT
Date: Sat, 10 Dec 2022 06:07:49 GMT
Connection: keep-alive
tracking.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
178.33.101.212301 Moved Permanently 169 B URL HTTP/1.1 tracking.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
IP 178.33.101.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da HTTP/1.1
Host: tracking.mysticvalleysupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Sat, 10 Dec 2022 06:07:49 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
www.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
178.33.101.212301 Moved Permanently 0 B URL HTTP/1.1 www.mysticvalleysupply.com/campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da
IP 178.33.101.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/hw330r8dvlbcc/track-url/aq4976znay5b5/a4f10613ba09d5118b38469b0935971d99a5c7da HTTP/1.1
Host: www.mysticvalleysupply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Sat, 10 Dec 2022 06:07:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.29
Set-Cookie: mwsid=hin80jl8oqjtce58gb5s1gha87; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 10 Dec 2022 06:07:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://engage.freshmarketadvantage.com/aff_c?offer_id=334&aff_id=11&aff_sub=MV1TCS35&aff_sub2=rtrent@gravitydiagnostics.com&aff_sub3=77&aff_sub4=2022-12-07 22:00:48&aff_sub5=&email=rtrent@gravitydiagnostics.com
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 05:07:55 GMT
age: 3595
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5724
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:07:50 GMT
Last-Modified: Sat, 10 Dec 2022 04:32:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 67zHHw8fojggU4mlpGdhzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dmeo8OY1s0ZQOVUaLrnInRuw0+o=
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 88426b4c95843ba744a033f1abba762a
1a6b9f06e318b6adabe21347b68711d13adda670
fba4702abab24790758dd1c8c37970619bbd0874b279f79a6d8f5286a8cea89f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146113
Date: Sat, 10 Dec 2022 06:07:50 GMT
Etag: "6393b9f7-1d7"
Expires: Sun, 11 Dec 2022 22:43:03 GMT
Last-Modified: Fri, 09 Dec 2022 22:43:03 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Sb1Z_jF0bWtATkYx2UJR403alNr0x6FcG-2GjH7I5Ao86LMyZU_p5w==
engage.freshmarketadvantage.com/aff_c?offer_id=334&aff_id=11&aff_sub=MV1TCS35&aff_sub2=rtrent@gravitydiagnostics.com&aff_sub3=77&aff_sub4=2022-12-07%2022:00:48&aff_sub5=&email=rtrent@gravitydiagnostics.com
99.80.78.167302 Found 440 B URL HTTP/1.1 engage.freshmarketadvantage.com/aff_c?offer_id=334&aff_id=11&aff_sub=MV1TCS35&aff_sub2=rtrent@gravitydiagnostics.com&aff_sub3=77&aff_sub4=2022-12-07%2022:00:48&aff_sub5=&email=rtrent@gravitydiagnostics.com
IP 99.80.78.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (306)
Hash 88a2a52e2d546e632baded5645fbb50e
0b5796097b016c407d2709206239455255cb58a2
9903557391ea5b0cbe52aa5f6de85ed78350d98adb123ad43a5bf1d4cf0d182d
GET /aff_c?offer_id=334&aff_id=11&aff_sub=MV1TCS35&aff_sub2=rtrent@gravitydiagnostics.com&aff_sub3=77&aff_sub4=2022-12-07%2022:00:48&aff_sub5=&email=rtrent@gravitydiagnostics.com HTTP/1.1
Host: engage.freshmarketadvantage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 10 Dec 2022 06:07:50 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 440
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://offer.quickeasyfund.com?aid=503475&acid=24&subid=11:MV1TCS35&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_334=ENC03f70a03a536e65eb3eb4535daa5cbf3718001de4c4837a5eea7b75fcacfca9abcb4e9d2bad4becefdf9dd921d1ee96baf491515e402f1a67fc472e2b47426b6a33578c8e4ca29934896545fe7846cc07206ec65e111874d273be2d07c20df61b71f51b221f36975360522240d79732eaaf8b45be2d7c686f87d7c8740ae99e1cfc6e430c6e7f8914d1d07bea0efbe5b7ffacef2b5c5e03ba4663bacc13d6f6d290bb598eeb9cb2b5e0177575fe4925452e11656ffc2e41a9af86f42a05e940c481da20995; expires=Tue, 10 Jan 2023 06:07:50 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 03 Nov 2025 16:47:50 GMT; path=/; SameSite=None; Secure
Tracking_id: 102f5a9dc15c04b470702d9f8ab951
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 42af8f79a39ceea41310d7ac736f3bec
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash cf97bc50c336a1ace4c31bb2ace10646
d18dede0c5163e55348f7594d4338e3880ab7c3e
04cc07e524e172c147301e9f395e2d52e281b66f8f95746a63e372f8906fd4fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157981
Date: Sat, 10 Dec 2022 06:07:51 GMT
Etag: "6393e854-1d7"
Expires: Mon, 12 Dec 2022 02:00:52 GMT
Last-Modified: Sat, 10 Dec 2022 02:00:52 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eamWpn5d0OMrgek6l6BD5T2D02UOOG_RPVy2t5Mq71Yjhghr_SxUaw==
offer.quickeasyfund.com/?aid=503475&acid=24&subid=11:MV1TCS35&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
52.25.125.214200 OK 408 B URL HTTP/2 offer.quickeasyfund.com/?aid=503475&acid=24&subid=11:MV1TCS35&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
IP 52.25.125.214:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (680), with CRLF line terminators
Hash c5b9be3e7d0655aba584a8bad35237d9
58fa452a53ff87bf0f99c93b3cadd156862c4a89
63217a01a8c673fb05da6c4709807ec28c790ed4c87469a2bba385d6fbd6eba5
GET /?aid=503475&acid=24&subid=11:MV1TCS35&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid} HTTP/1.1
Host: offer.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:51 GMT
content-type: text/html; charset=UTF-8
content-length: 408
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
x-powered-by: PHP/7.4.25
refresh: 1; url=https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={"srtr":1,"ertr":1,"psrtr":1,"bcktr":1,"pv":[11,13]}&xi_tft={"rtrcid":"503475~e81fe3f1~1401025","xi_tier":"1"}&odata={"aid":"503475","acid":"24","subid":"11:MV1TCS35","x_offerid":"334","x_clickid":"102f5a9dc15c04b470702d9f8ab951","email":"rtrent@gravitydiagnostics.com","fname":"{fname}","lname":"{lname}","xi_resid":"{resid}","xi_oclkid":"{kid}","x_psac":"2554"}
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Sat, 10 Dec 2022 07:00:24 GMT
Date: Sat, 10 Dec 2022 06:07:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Sat, 10 Dec 2022 07:00:24 GMT
Date: Sat, 10 Dec 2022 06:07:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Sat, 10 Dec 2022 07:00:24 GMT
Date: Sat, 10 Dec 2022 06:07:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3152
Expires: Sat, 10 Dec 2022 07:00:24 GMT
Date: Sat, 10 Dec 2022 06:07:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 29374
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 29685
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IlrFT2ydf78BXS67A0IN1KSc_OghPx7hpoY9wmwUxtX8Ivwth70F1w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:13:10 GMT
age: 28482
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
age: 29028
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa7dc969-e455-4530-98cb-51f59a291532.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa7dc969-e455-4530-98cb-51f59a291532.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4b1e76689036da0767b475294169149
7c27783f10e44b5c575616feafc6cae87beb916f
52170edde4c4494252ff0c830f21e20a62b2dfc30df2fab5feef5db9d26cf0bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa7dc969-e455-4530-98cb-51f59a291532.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6947
x-amzn-requestid: 365129c8-2e68-4a0d-8a1e-935d01cd2f0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUH6ooAMF5BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-4182ddcb68b36bf624d758e3;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dFZzPhvzdz_SnEOa6sSy8DY0R-qnACOezHXN84OSOtPzqlyQKnZ8dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:28:48 GMT
age: 27544
etag: "7c27783f10e44b5c575616feafc6cae87beb916f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 82477
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
offer.quickeasyfund.com/favicon.ico
52.25.125.214404 Not Found 196 B URL HTTP/2 offer.quickeasyfund.com/favicon.ico
IP 52.25.125.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: offer.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offer.quickeasyfund.com/?aid=503475&acid=24&subid=11:MV1TCS35&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 06:07:52 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/css/google_fonts.css?version=1670487785
44.228.143.47200 OK 1.2 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/css/google_fonts.css?version=1670487785
IP 44.228.143.47:0
Hash 8108c6011ba65ac5f0610b05074e9950
5f39fe89039d79a2926d9256081cd91497203964
b0c689c20a67111ad0b928d9be91f0aa8e2847e4719b00e9c1b18dd484859436
GET /common/assets/js/funnel/pvexl42step/final/lib/css/google_fonts.css?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: text/css
content-length: 1167
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "161a-5ef60e054380b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/template/funnel/pvexl42step/dynamicStep/FF20/css/style.css?version=1670487785
44.228.143.47200 OK 6.3 kB URL HTTP/2 www.quickeasyfund.com/common/template/funnel/pvexl42step/dynamicStep/FF20/css/style.css?version=1670487785
IP 44.228.143.47:0
Hash ddc4e1f216f0bdcab9dee4d363da93ba
7ca076b60bf1ba59a4f138584d33b806c347af45
b6becb8a55ba08f77b512693e70b4724f6eaf46fb031ae37e9912442ae77c2f7
GET /common/template/funnel/pvexl42step/dynamicStep/FF20/css/style.css?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: text/css
content-length: 6308
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "5efd-5ef60e05e2af1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_cookie_141.js?version=1670487785
44.228.143.47200 OK 696 B URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_cookie_141.js?version=1670487785
IP 44.228.143.47:0
File type ASCII text, with very long lines (1266)
Hash 61d49a466143545253d40c6c6a91226d
4f7f06c8b9794690bf1d513126156b46185a6c30
7319fe517f9aac436543b8bc617df02f653023519622d8a0c064368946961f5a
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_cookie_141.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 696
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "514-5ef60e054a56b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
offer.quickeasyfund.com/pxl.php?rxid=503475~e81fe3f1~1401025&tdat=11:MV1TCS35&evt=J1
52.25.125.214200 OK 43 B URL HTTP/2 offer.quickeasyfund.com/pxl.php?rxid=503475~e81fe3f1~1401025&tdat=11:MV1TCS35&evt=J1
IP 52.25.125.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /pxl.php?rxid=503475~e81fe3f1~1401025&tdat=11:MV1TCS35&evt=J1 HTTP/1.1
Host: offer.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: image/gif
content-length: 43
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
x-powered-by: PHP/7.4.25
vary: User-Agent
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validate_119.js?version=1670487785
44.228.143.47200 OK 9.7 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validate_119.js?version=1670487785
IP 44.228.143.47:0
File type Unicode text, UTF-8 text, with very long lines (24292)
Hash 2d29a91f4da2add72ef6d7a71d2a29a6
67a3dfcd09c184128f76d7b3a33507f0ae3d86ee
9fe41ee1c8bbe47173dd9fd6cd6951029df7fb6f90c89513570b1ed95305d3ab
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validate_119.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 9726
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Thu, 08 Dec 2022 08:23:05 GMT
etag: "5f6e-5ef4cbf090ad7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9022d13eddfcfff86356c58ab4cf066d
6524a203545e6af0227312e4c35c20f12e6dcc5b
2a953853df3ea625e37cb81ed68356809995f0f083b5468b76113edb9eca5655
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106886
Date: Sat, 10 Dec 2022 06:07:54 GMT
Etag: "639320c0-1d7"
Expires: Sun, 11 Dec 2022 11:49:20 GMT
Last-Modified: Fri, 09 Dec 2022 11:49:20 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7qVvo-K_xWzEktAtxPcTlFql6mooZSHYus6VCzsuNPtGJrNLJOVsJg==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9022d13eddfcfff86356c58ab4cf066d
6524a203545e6af0227312e4c35c20f12e6dcc5b
2a953853df3ea625e37cb81ed68356809995f0f083b5468b76113edb9eca5655
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106886
Date: Sat, 10 Dec 2022 06:07:54 GMT
Etag: "639320c0-1d7"
Expires: Sun, 11 Dec 2022 11:49:20 GMT
Last-Modified: Fri, 09 Dec 2022 11:49:20 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BTWbU07WSvVeKeofKo5zzwfrY2d5gnRCA-psZAilkQWpkmTub72tYg==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9022d13eddfcfff86356c58ab4cf066d
6524a203545e6af0227312e4c35c20f12e6dcc5b
2a953853df3ea625e37cb81ed68356809995f0f083b5468b76113edb9eca5655
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106886
Date: Sat, 10 Dec 2022 06:07:54 GMT
Etag: "639320c0-1d7"
Expires: Sun, 11 Dec 2022 11:49:20 GMT
Last-Modified: Fri, 09 Dec 2022 11:49:20 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z4_Gl0kkbmOWouJUP8nQssvW5eoH4qlme7rjbJtrFyyNe08h7kwVLA==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9022d13eddfcfff86356c58ab4cf066d
6524a203545e6af0227312e4c35c20f12e6dcc5b
2a953853df3ea625e37cb81ed68356809995f0f083b5468b76113edb9eca5655
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106886
Date: Sat, 10 Dec 2022 06:07:54 GMT
Etag: "639320c0-1d7"
Expires: Sun, 11 Dec 2022 11:49:20 GMT
Last-Modified: Fri, 09 Dec 2022 11:49:20 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: usPaqoCSkc28ar8w-T0WNEVBP3wDWwHLlBGWXcjrsDDn_wP2_G5dmQ==
img.emlasts.com/epcvip/ac-icons/icon_success.png
143.204.55.34200 OK 12 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/icon_success.png
IP 143.204.55.34:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 646beb0fefb01ebf9006e7722c5b4611
17cb12b9b3ae6322c8dcf28f5e3832910e384525
bcba7e55c4cbbebd3ab071c189c875aebd5999ecd1c7ef835da7fed4e81bb692
GET /epcvip/ac-icons/icon_success.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 11695
last-modified: Thu, 11 Mar 2021 22:01:06 GMT
x-amz-version-id: vue7UWARodNTQ1z3_MZFfQrXOvBUZEpx
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 06:07:54 GMT
etag: "646beb0fefb01ebf9006e7722c5b4611"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E3l-2ZzXOfhta5rzgZjAAJWN72vp4iqlteBf6F3e_BaZ0p5cs2qh8A==
age: 8689
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/secure-ssl3.png
143.204.55.34200 OK 7.3 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/secure-ssl3.png
IP 143.204.55.34:0
File type PNG image data, 200 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 831f890e664ce35d7f0554e2126078aa
6ed787560e553674d14d58e279c3e299414009f8
855b0a95aeeb8aa9486858e43e750dd74ca266ffd79078426ccd1b60f5e270f2
GET /epcvip/ac-icons/secure-ssl3.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 7289
last-modified: Thu, 29 Oct 2020 17:38:08 GMT
x-amz-version-id: wR0zkLiUqp1C6RY7mam1Yg4lA3JtwZ0j
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 06:07:54 GMT
etag: "831f890e664ce35d7f0554e2126078aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SEM8Peaj3bcmLYw2W8CAZEe8PkKPC1HbtzmOoq1TPDgtYA38G4vykg==
age: 6264
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/chevron-right.png
143.204.55.34200 OK 280 B URL HTTP/2 img.emlasts.com/epcvip/ac-icons/chevron-right.png
IP 143.204.55.34:0
File type PNG image data, 13 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 8608fe7805f9b2cc600d488487ae4b8f
77905d057928f48036bbd182f0b3306b76d7486c
bd0f9937b7933017c088172977ba87a577e80f1786c30ee92cc4030690b1fd69
GET /epcvip/ac-icons/chevron-right.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 280
last-modified: Thu, 11 Mar 2021 23:32:01 GMT
x-amz-version-id: eGPQONq.wABFUcImR8OR.6golFu.9eyT
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 06:07:54 GMT
etag: "8608fe7805f9b2cc600d488487ae4b8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nU0KvVmyQTjUfUmb3sc7_mvBYqW4AUMKIF5VOeGZUFOd3Y-AMCmhkQ==
age: 6928
cache-control: max-age=31536000
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validation_methods_119.js?version=1670487785
44.228.143.47200 OK 7.8 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validation_methods_119.js?version=1670487785
IP 44.228.143.47:0
File type Unicode text, UTF-8 text, with very long lines (22514)
Hash 6834ecad7088cefc2a704c93a45f06e7
e41df4f655ec226532df22891793f50f9dbebd6d
f07e88fdfdfda9917a7f371a6ef10032bacd13e328e6e71ebca7398c9b28ec86
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validation_methods_119.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 7805
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "5883-5ef60e054a56b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_mask_114.js?version=1670487785
44.228.143.47200 OK 3.7 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_mask_114.js?version=1670487785
IP 44.228.143.47:0
File type ASCII text, with very long lines (1024)
Hash 6e4835c7754f969f87db2aec362f93d7
5e99b01c948bca2ce3f1b464420ca24008869516
e37e47c1692b9f3d3f4fecb8530b88330559c88aa29e4697d85dccd774e4e6c8
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_mask_114.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 3741
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "218e-5ef60e054a56b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/worker-07.jpg
143.204.55.34200 OK 27 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/worker-07.jpg
IP 143.204.55.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Hash c43fbbb54845c8a46eaaa9a547653b39
d4a6699278f98dc83a445e511950fbe665d169a8
1f1f396e24884a8c24ba29fb60b167cd51c64b22cab0922c4b43e629fdf29b9f
GET /epcvip/ac-icons/worker-07.jpg HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 26786
last-modified: Thu, 01 Apr 2021 22:04:51 GMT
x-amz-version-id: 7w7isLoDcH69.UW.mZA695oQSQH5X2uL
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 06:07:54 GMT
etag: "c43fbbb54845c8a46eaaa9a547653b39"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y3rfC52yUPFMcwVOqMkWufHeLW9DtK7ZZ3LTntSVUxznc7xHRmiPSA==
age: 2646
cache-control: max-age=31536000
X-Firefox-Spdy: h2
www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
44.228.143.47200 OK 38 kB URL HTTP/2 www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
IP 44.228.143.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365)
Hash 8586ca61ca135fc50d3ee6b42a4242bb
e2645150e957853ba3963c24e840a94c0bad9208
86b580fe696850e66491f30dfce6d2726e5814040a20c55ed2fea1716107f812
GET /?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22} HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offer.quickeasyfund.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:53 GMT
content-type: text/html; charset=UTF-8
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
x-powered-by: PHP/7.4.33
set-cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49; expires=Sat, 10-Dec-2022 14:07:52 GMT; Max-Age=28800; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/global/lazysizes.min.js?version=1670487785
44.228.143.47200 OK 3.5 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/global/lazysizes.min.js?version=1670487785
IP 44.228.143.47:0
File type ASCII text, with very long lines (6761)
Hash ca6266d69da1d8eb8e6875062b3a2b1f
6599d22230cc84fba297b588ba1184aaf1d299fa
9d2dcd6895f7d1ef4dbe6c772cb2357b9eab6192440a650b84b7c2b31fb0c9cc
GET /common/assets/js/global/lazysizes.min.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 3454
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "1a83-5ef60e059c5ee-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/global/noSleep.min.js?version=1670487785
44.228.143.47200 OK 7.4 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/global/noSleep.min.js?version=1670487785
IP 44.228.143.47:0
File type ASCII text, with very long lines (16658)
Hash cc72b9cea8878304f558e99f7dfc7c34
bb749c9280dacd9ff76af6fc745d280fc0e4ad4a
3a7c696703ea3fea8ae4bdde898b184fb188474869aac897dfa65625f0dbedb5
GET /common/assets/js/global/noSleep.min.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 7378
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "415c-5ef60e059c5ee-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/local-storage-wrapper.js?version=1670487785
44.228.143.47200 OK 447 B URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/local-storage-wrapper.js?version=1670487785
IP 44.228.143.47:0
Hash d62c5ca1baa18951e04f01c446c1ac1d
ea2b43b7b4fba74a53a16ece693dac223c98b74b
4b06bf9902324b73ac543c6a8227a59cda93bf74652e6f9291b03de44d512d0f
GET /common/assets/js/funnel/pvexl42step/final/local-storage-wrapper.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 447
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Thu, 08 Dec 2022 08:23:05 GMT
etag: "826-5ef4cbf090ad7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_steps_110.js?version=1670487785
44.228.143.47200 OK 5.9 kB URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_steps_110.js?version=1670487785
IP 44.228.143.47:0
File type ASCII text, with very long lines (13686)
Hash 9122fadc073d660ce3ee7c3afbb02d2b
5df9c5da5c7f71e43961fcd601aa0d6969212005
54a75ab40ca4289011a1355bbd2078e80be34c7d6c1933a24e528d82a5957d7c
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_steps_110.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
content-length: 5931
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "3620-5ef60e054a56b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/?cmd=ExtTAVSEvent&i_tavsid=6562&sugid=3&i_appid=&appSessDataId=780748755&evt=P1
44.228.143.47200 OK 43 B URL HTTP/2 www.quickeasyfund.com/?cmd=ExtTAVSEvent&i_tavsid=6562&sugid=3&i_appid=&appSessDataId=780748755&evt=P1
IP 44.228.143.47:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /?cmd=ExtTAVSEvent&i_tavsid=6562&sugid=3&i_appid=&appSessDataId=780748755&evt=P1 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: image/gif
content-length: 43
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:07:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.emlasts.com/epcvip/ac-icons/asterisks.png
143.204.55.34200 OK 587 B URL HTTP/2 img.emlasts.com/epcvip/ac-icons/asterisks.png
IP 143.204.55.34:0
File type PNG image data, 184 x 42, 8-bit colormap, non-interlaced\012- data
Hash 4b7874d634e9faa2470b05f42b731aa0
dcfb3eab7ccc349b47196d1354387ad204c62e2c
22e29b0f2fa3e4c59fbed79e72c2b339a4ea76f9d6ddd5eba59c0e668bf0b1b8
GET /epcvip/ac-icons/asterisks.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 587
last-modified: Tue, 06 Apr 2021 21:06:50 GMT
x-amz-version-id: 3gNNo2cxRohJ_8ZRm9kVCxwIRHxSx4ek
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 06:07:54 GMT
etag: "4b7874d634e9faa2470b05f42b731aa0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W3ZDRpzoaW0PajUgo01wtDRSfr6FNErGo7BvDm5qEd_SCimmfxc-Sw==
age: 11554
cache-control: max-age=31536000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
GET /s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.quickeasyfund.com
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Dec 2022 04:35:09 GMT
expires: Sun, 10 Dec 2023 04:35:09 GMT
cache-control: public, max-age=31536000
age: 5566
last-modified: Thu, 05 Nov 2020 22:01:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7776, version 1.0\012- data
Hash 84780596e268aa0cb2be48af2ed5c375
d67ccd32f8c790a746d64d06145882a2f7b06560
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
GET /s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.quickeasyfund.com
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 17:06:08 GMT
expires: Thu, 07 Dec 2023 17:06:08 GMT
cache-control: public, max-age=31536000
age: 219707
last-modified: Thu, 05 Nov 2020 22:01:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7832, version 1.0\012- data
Hash f4f17fd53c7d040e56f91a3ecb692b22
1b51342175762634835645ba2f99cd3ab0ac615c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
GET /s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.quickeasyfund.com
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:48:16 GMT
expires: Wed, 06 Dec 2023 15:48:16 GMT
cache-control: public, max-age=31536000
age: 310779
last-modified: Thu, 05 Nov 2020 22:01:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
142.250.74.35200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7988, version 1.0\012- data
Hash 087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
GET /s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.quickeasyfund.com
Connection: keep-alive
Referer: https://www.quickeasyfund.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 05:18:27 GMT
expires: Fri, 08 Dec 2023 05:18:27 GMT
cache-control: public, max-age=31536000
age: 175768
last-modified: Thu, 05 Nov 2020 22:02:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.quickeasyfund.com/apple-touch-icon.png?version=1670492957
44.228.143.47200 OK 7.5 kB URL HTTP/2 www.quickeasyfund.com/apple-touch-icon.png?version=1670492957
IP 44.228.143.47:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash c58bbc0a09a9c97dd31b2e9b4faea8aa
8ae1b5a6babd23dc5dffcc08f7888e95b0b67288
f38d0821593fa2f25d7f39ffdf9e30ce47c01b7b26997ece15f154a23bb77bd7
GET /apple-touch-icon.png?version=1670492957 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:55 GMT
content-type: image/png
content-length: 7473
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 09:34:02 GMT
etag: "1d31-5ef61da9f26ac"
accept-ranges: bytes
vary: User-Agent
X-Firefox-Spdy: h2
www.quickeasyfund.com/favicon-16x16.png?version=1670492958
44.228.143.47200 OK 1.1 kB URL HTTP/2 www.quickeasyfund.com/favicon-16x16.png?version=1670492958
IP 44.228.143.47:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 3c6314a401bb73916992fcb03fc3c3d0
f14e222055f165512dcb1be9c2a86a5befc65029
5ac1974cbb3ef42653d4bcccbd657b90ca20b145f088161e6e3672e4aa164a9b
GET /favicon-16x16.png?version=1670492958 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:55 GMT
content-type: image/png
content-length: 1087
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 09:34:02 GMT
etag: "43f-5ef61da9fc2ed"
accept-ranges: bytes
vary: User-Agent
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_360.js?version=1670487785
44.228.143.47200 OK 0 B URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_360.js?version=1670487785
IP 44.228.143.47:0
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_360.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "15d9c-5ef60e054a56b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_ui_112.js?version=1670487785
44.228.143.47200 OK 0 B URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_ui_112.js?version=1670487785
IP 44.228.143.47:0
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_ui_112.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "3ddf1-5ef60e054a56b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/css/bootstrap_337.css?version=1670487785
44.228.143.47200 OK 0 B URL HTTP/2 www.quickeasyfund.com/common/assets/js/funnel/pvexl42step/final/lib/css/bootstrap_337.css?version=1670487785
IP 44.228.143.47:0
GET /common/assets/js/funnel/pvexl42step/final/lib/css/bootstrap_337.css?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: text/css
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "1d942-5ef60e054380b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.quickeasyfund.com/common/template/funnel/pvexl42step/dynamicStep/FF20/js/step.js?version=1670487785
44.228.143.47200 OK 0 B URL HTTP/2 www.quickeasyfund.com/common/template/funnel/pvexl42step/dynamicStep/FF20/js/step.js?version=1670487785
IP 44.228.143.47:0
GET /common/template/funnel/pvexl42step/dynamicStep/FF20/js/step.js?version=1670487785 HTTP/1.1
Host: www.quickeasyfund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickeasyfund.com/?rtrcid=503475~e81fe3f1~1401025&rtrtid=11:MV1TCS35&rtrsid=1&xi_rtrtsrc=1&x_offerid=334&x_clickid=102f5a9dc15c04b470702d9f8ab951&email=rtrent@gravitydiagnostics.com&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=2554&x_psac=2554&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e81fe3f1~1401025%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2224%22,%22subid%22:%2211:MV1TCS35%22,%22x_offerid%22:%22334%22,%22x_clickid%22:%22102f5a9dc15c04b470702d9f8ab951%22,%22email%22:%22rtrent@gravitydiagnostics.com%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%222554%22}
Cookie: SCSSESSIONID=q54hb03sucvgq8omcegid20k49
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 06:07:54 GMT
content-type: application/javascript
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Fri, 09 Dec 2022 08:24:03 GMT
etag: "1053f-5ef60e05e2af1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2