r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12030
Expires: Fri, 03 Feb 2023 16:57:08 GMT
Date: Fri, 03 Feb 2023 13:36:38 GMT
Connection: keep-alive
www.eform2290.com/login/
52.71.160.129301 Moved Permanently 134 B IP 52.71.160.129:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /login/ HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 03 Feb 2023 13:36:38 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://www.eform2290.com:443/login/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13619
Expires: Fri, 03 Feb 2023 17:23:37 GMT
Date: Fri, 03 Feb 2023 13:36:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 12:43:35 GMT
content-type: application/json
age: 3183
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13919
Expires: Fri, 03 Feb 2023 17:28:37 GMT
Date: Fri, 03 Feb 2023 13:36:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fHV88K7FKjlfg6ipTtyTz0WLecLcsUeGrVhZ2rPdOAFCyWi+FaGYmrsTZ4lIk7wX1SK+g+OkULI=
x-amz-request-id: BWF58KDZCTKA0KXT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 12:52:25 GMT
age: 2653
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 13:36:38 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 6d06e493b5e21f6721425679690c9fb6
88a8fba7194bc0cc3a53f29d901243d065174746
f1b4840e60914856eff50a42babd2722591838d86b4723c11bcb5fe8b0a4c6ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111992
Date: Fri, 03 Feb 2023 13:36:39 GMT
Etag: "63dc205f-1d7"
Expires: Sat, 04 Feb 2023 20:43:11 GMT
Last-Modified: Thu, 02 Feb 2023 20:43:11 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 42d0OzDzRFEO5zrKz5LIDH6WOLWWDWBer2F52iGCn4IVmr5jp9jdxA==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 13:07:19 GMT
age: 1760
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Fri, 03 Feb 2023 17:08:35 GMT
Date: Fri, 03 Feb 2023 13:36:39 GMT
Connection: keep-alive
www.eform2290.com/login/wp-includes/css/classic-themes.min.css?ver=1
3.80.0.188200 OK 217 B URL HTTP/2 www.eform2290.com/login/wp-includes/css/classic-themes.min.css?ver=1
IP 3.80.0.188:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /login/wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
content-length: 217
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:40:55 GMT
etag: "63d63117-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
151.101.193.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (65299)
Hash 97a3b040961685ae5a2bf2b14388756f
246a07f0f583ef5397c8669f17e522e6056ad713
7ee85b3e591b043ba11795194f60a4aa5e30bae9ce973c6c8945da1108b869d2
GET /npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.2
x-jsd-version-type: version
etag: W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 13:36:39 GMT
age: 715371
x-served-by: cache-fra-eddf8230044-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22129
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-95223
142.250.74.72200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-95223
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash a4c4ee388a7487e6581966e3cba4fbf6
0838df27fd11308951f0aef34809eabd7a768e94
00c120b0e9242617f478073066260c29df07b2f3dc2d59ac578907ac9beb62e3
GET /gtag/js?id=AW-95223 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 13:36:39 GMT
expires: Fri, 03 Feb 2023 13:36:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
151.101.193.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (65326)
Hash ae5285e2862bba71ea08b297d1f615be
783c46e491c4927028683152dfbf8feec6061f45
71b843a2c319407d43fca37dadd51b27c5d8e12577cd7a1f1b5dc2640f0aa7fb
GET /npm/bootstrap@4.6.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.2
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 13:36:39 GMT
age: 6950344
x-served-by: cache-fra-eddf8230127-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24176
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-MLLRNV8
142.250.74.142200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-MLLRNV8
IP 142.250.74.142:0
File type ASCII text, with very long lines (1759)
Hash cf4df8f5a71310492556064977e25c3f
a85b177973fbe36858bcca3d44e373b8ac62be89
35bce1ae46604be026a259c394d8c01a6cd547bd9ec7a65e92877045184212d8
GET /optimize.js?id=GTM-MLLRNV8 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 13:36:39 GMT
expires: Fri, 03 Feb 2023 13:36:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/2022/07/eform-2290-logo-desktop.webp
3.80.0.188200 OK 5.8 kB URL HTTP/2 www.eform2290.com/login/wp-content/uploads/2022/07/eform-2290-logo-desktop.webp
IP 3.80.0.188:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d2196a973171ea5608e4cbd955189079
f90ab0533b96d4c07b133aa55731ada399cbbffa
8382f8ad741ad38855f6392428b9be1d018a0529220ddbf25645a7f0bf47d0f8
GET /login/wp-content/uploads/2022/07/eform-2290-logo-desktop.webp HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: image/webp
content-length: 5784
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
etag: "62d96329-1698"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-26348509-2
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-26348509-2
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash 5920ae6551deb47bc24a3f3d1b4bccce
94caee3a4ac37f41f4cfa94b3d714983d2ab8074
49a2d543f5a2e40d703d642f67e79c03d0edb9da99b656846ca282788073dce4
GET /gtag/js?id=UA-26348509-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 13:36:39 GMT
expires: Fri, 03 Feb 2023 13:36:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/2022/06/outline-phone-24px.png
3.80.0.188200 OK 234 B URL HTTP/2 www.eform2290.com/login/wp-content/uploads/2022/06/outline-phone-24px.png
IP 3.80.0.188:0
File type PNG image data, 24 x 24, 4-bit colormap, non-interlaced\012- data
Hash 9ed39d91e7d274f3f7f6da72689ec92c
928ed1f3beb4dc3b10b06346ae827d359cacf02a
ebfeddbd344d08806f9e666443cc720ac9f42f409fd1a6fda4e386f18d511828
GET /login/wp-content/uploads/2022/06/outline-phone-24px.png HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: image/png
content-length: 234
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
etag: "62d96329-ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-952235328
142.250.74.72200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-952235328
IP 142.250.74.72:0
File type ASCII text, with very long lines (6669)
Hash f5fceaefc2a7f8bd408a24f8eaa7305b
aff2d608b6b84bcd9ad9ed1c10633c602bd1f90c
8ba5c9bebf8eefbf888fa638c712111ce86eeb43a8ac1641b6983ac2fcc6ff67
GET /gtag/js?id=AW-952235328 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 13:36:39 GMT
expires: Fri, 03 Feb 2023 13:36:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.eform2290.com/instructions/wp-content/uploads/2020/11/d-irs-logo.png
3.80.0.188200 OK 3.6 kB URL HTTP/2 www.eform2290.com/instructions/wp-content/uploads/2020/11/d-irs-logo.png
IP 3.80.0.188:0
File type PNG image data, 62 x 61, 8-bit colormap, non-interlaced\012- data
Hash 531e20fbce74081b04e93c17f77fabb1
779b24ed33e1d63325caf749d65e4d0cc99d8f96
cdd4edeaf28d19104ddd9bef45cda71467baab49b3e593905fb0c9f449a788a4
GET /instructions/wp-content/uploads/2020/11/d-irs-logo.png HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: image/png
content-length: 3646
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 27 Apr 2022 11:04:39 GMT
etag: "62692347-e3e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.56.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.56.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QJOm9yFf4J6Lr4CxzoItiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2FYFcJVQRfrfEcmIKAQht85KIcs=
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 9f65e5087aab1293e2f2733dd40405f4
adb6926205fbeba73396f288968b56b2e35fc3a7
80a4f5c5242c22f77d42eee759793fd70588a869989393a527b7fc647e777248
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 13:36:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C3A0E0188A92125AD5FE01499413AAA4A1AEDDD5"
Expires: Sat, 04 Feb 2023 00:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2110
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b8e897a1ab511-OSL
fonts.googleapis.com/css?display=swap&family=Open%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CSource%20Sans%20Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%20Semi%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%2C%20sans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%20Semi%20Condensed%2C%20sans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CFont%20Awesome%205%20Free%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CFont%20Awesome%205%20Brands%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900
142.250.74.106200 OK 2.7 kB URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Open%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CSource%20Sans%20Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%20Semi%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%2C%20sans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%20Semi%20Condensed%2C%20sans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CFont%20Awesome%205%20Free%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CFont%20Awesome%205%20Brands%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900
IP 142.250.74.106:0
Hash 81b012502f1f14232c9b244b629a524d
9c8edfc2887ee078232ad49a781c70ebf5f9a8b8
5731568bbadbc0a3d7c21a6eeb6e2abbca9df17f9d7384ade6159eecfa1d52cf
GET /css?display=swap&family=Open%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CSource%20Sans%20Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%20Semi%20Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%2C%20sans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CBarlow%20Semi%20Condensed%2C%20sans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CFont%20Awesome%205%20Free%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CFont%20Awesome%205%20Brands%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 13:36:39 GMT
date: Fri, 03 Feb 2023 13:36:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/Oxygen-Mobile-Sub-Menu-master/assets/css/mobile-sub-menus.css?ver=1.1.0
3.80.0.188200 OK 1.1 kB URL HTTP/2 www.eform2290.com/login/wp-content/plugins/Oxygen-Mobile-Sub-Menu-master/assets/css/mobile-sub-menus.css?ver=1.1.0
IP 3.80.0.188:0
Hash 6328f117d785618cc2de93b1b385765a
f214a27126101bfd49ee6151fc9026a53ecf994f
18e8c49501e7286fd78522ab712db2f944d51219acae0797854b8dbbfa0d7139
GET /login/wp-content/plugins/Oxygen-Mobile-Sub-Menu-master/assets/css/mobile-sub-menus.css?ver=1.1.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
vary: Accept-Encoding
etag: W/"62d96329-919"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eform2290.com/login/wp-content/uploads/2022/06/IdenTrustSeal.png
3.80.0.188200 OK 7.7 kB URL HTTP/2 www.eform2290.com/login/wp-content/uploads/2022/06/IdenTrustSeal.png
IP 3.80.0.188:0
File type PNG image data, 70 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 244e6ffc3438d47b83e9aa4f60db3f98
f668b774312477a5d110b72fa230c591a473b295
4a64c6f19122b5f6ba7d821636b01e17bc96a71b6f4b28d864c3dc5e19cfb1f0
GET /login/wp-content/uploads/2022/06/IdenTrustSeal.png HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: image/png
content-length: 7732
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
etag: "62d96329-1e34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/2022/07/IRS-Logo.jpg
3.80.0.188200 OK 2.0 kB URL HTTP/2 www.eform2290.com/login/wp-content/uploads/2022/07/IRS-Logo.jpg
IP 3.80.0.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 56x56, components 3\012- data
Hash c9e7fe7c01848be724d9a3014aeb5254
96220cba4d6ce71f4bfa6dbe05aa7e2ab8a5a5d1
ee4873d2c187267a763eee8c6757a516832d494d9a170f9b0fb368ac67facd49
GET /login/wp-content/uploads/2022/07/IRS-Logo.jpg HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: image/jpeg
content-length: 2023
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
etag: "62d96329-7e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/2022/07/eform-2290-logo-mobile.webp
3.80.0.188200 OK 3.0 kB URL HTTP/2 www.eform2290.com/login/wp-content/uploads/2022/07/eform-2290-logo-mobile.webp
IP 3.80.0.188:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7c864b5af328ad0ff805dc88de4790f2
043303523277cf4b0e6473a20257707141a9dac4
7c8326ec8098a420d8e71cf0022b5cbfa46dc6d5b69304fdd0f70b57626c368f
GET /login/wp-content/uploads/2022/07/eform-2290-logo-mobile.webp HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: image/webp
content-length: 2994
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
etag: "62d96329-bb2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/route.js?ver=9.9.0
3.80.0.188200 OK 105 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/route.js?ver=9.9.0
IP 3.80.0.188:0
Hash 535d17b181ba7b25ee4a0af053b38ba7
763daa50afcc8166945861f84216976f65fbdf00
783979aba4ddee8b19698960c6403f3a0bffd82f238c6582a86a47fa4b8b514c
GET /login/wp-content/plugins/resource-enqueuer/services/route.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
content-length: 105
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 04 Aug 2022 12:10:24 GMT
etag: "62ebb730-69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/base.js?ver=9.9.0
3.80.0.188200 OK 96 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/base.js?ver=9.9.0
IP 3.80.0.188:0
Hash 486df473ec48fc0ac6d62acaf9e4c170
b3f9770ee294253db0ed0204a78c06197a5f9cbe
e79afcd31eca4e2bb1c148d8337013842453212e3113a2f089474e56b938d8d3
GET /login/wp-content/plugins/resource-enqueuer/services/base.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
content-length: 96
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 04 Aug 2022 08:59:21 GMT
etag: "62eb8a69-60"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/errorHandler.js?ver=9.9.0
3.80.0.188200 OK 208 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/errorHandler.js?ver=9.9.0
IP 3.80.0.188:0
Hash bf8e6cb9fb259ec2c9c861f81ec990ee
6e5834c1c50856afe905acd34616b73429089d09
494db5cfe0cb9cfcff0a22d6e0c15f2d37f68caadd140ae1434199ba4c929f0c
GET /login/wp-content/plugins/resource-enqueuer/services/errorHandler.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
content-length: 208
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 04 Aug 2022 08:59:21 GMT
etag: "62eb8a69-d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/cf7-btn-disabled.js?ver=9.9.0
3.80.0.188200 OK 68 kB URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/cf7-btn-disabled.js?ver=9.9.0
IP 3.80.0.188:0
Hash 77c2e2f782e8a0694e590342cd2c26ef
c1ccf85ce5b5b4fe28997ac28f440f191101d4c4
e4d684a5f2aef447402c030f9de3130cfda5c40c122eb2f8ed68bf32d818a767
GET /login/wp-content/plugins/resource-enqueuer/assets/js/cf7-btn-disabled.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 04 Aug 2022 08:59:22 GMT
vary: Accept-Encoding
etag: W/"62eb8a6a-b1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eform2290.com/login/wp-content/uploads/2022/07/outline-report-24px.png
3.80.0.188200 OK 290 B URL HTTP/2 www.eform2290.com/login/wp-content/uploads/2022/07/outline-report-24px.png
IP 3.80.0.188:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 72fa01163cd59a217f08fa96415a5519
a87c019cd07ec924a27f80f705c7b1b688d61ca0
94db43b107e728f179c06f871574aa4ed60cde29c9cfd078c2d075aea0213162
GET /login/wp-content/uploads/2022/07/outline-report-24px.png HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Cookie: _gcl_au=1.1.1904116091.1675431431
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: image/png
content-length: 290
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
etag: "62d96329-122"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
3.80.0.188200 OK 20 kB URL HTTP/2 www.eform2290.com/login/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP 3.80.0.188:0
Hash e9e2eeb52d3f2cc62bdaa267d3e21941
517f560bdfe1f0dd6a5214e70f2e1fd8abc3ace6
6d1a82ad0b7c0e0f70d4bf679475434809ce160cd86a42cea11e607993c9103d
GET /login/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:44:43 GMT
vary: Accept-Encoding
etag: W/"63d631fb-31d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/webfonts/fa-solid-900.woff2
3.80.0.188200 OK 78 kB URL HTTP/2 www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/webfonts/fa-solid-900.woff2
IP 3.80.0.188:0
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /login/wp-content/plugins/cf7-add-password-field/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/css/all.css?ver=6.1.1
Cookie: _gcl_au=1.1.1904116091.1675431431
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: application/octet-stream
content-length: 78268
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:37:59 GMT
etag: "63d63067-131bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 07:28:23 GMT
expires: Fri, 02 Feb 2024 07:28:23 GMT
cache-control: public, max-age=31536000
age: 108497
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9f01938839c6521590d71922deab94d2
0f3345b328545a35dd3bc7f34bdb4447c8095ff4
f1b0aaf2a88a5e0915f1199ac28c8197e32fac3ad8e32334340f2956e1ca13b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3389
Cache-Control: max-age=151029
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Etag: "63dcaba0-117"
Expires: Sun, 05 Feb 2023 07:33:49 GMT
Last-Modified: Fri, 03 Feb 2023 06:37:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 17:46:05 GMT
expires: Thu, 01 Feb 2024 17:46:05 GMT
cache-control: public, max-age=31536000
age: 157835
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/google.js?ver=9.9.0
3.80.0.188200 OK 16 kB URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/google.js?ver=9.9.0
IP 3.80.0.188:0
Hash 56969bd6be5d97c97627114b4b34f43c
6deb602048e5e0c4652dace6c3f67d032b825962
e444260b6954bea7241662000d444597129a87136b060a469a3faccbe1d124e8
GET /login/wp-content/plugins/resource-enqueuer/services/google.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 16 Nov 2022 07:22:18 GMT
vary: Accept-Encoding
etag: W/"63748faa-3ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/css/all.css?ver=6.1.1
3.80.0.188200 OK 14 kB URL HTTP/2 www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/css/all.css?ver=6.1.1
IP 3.80.0.188:0
Hash 13bc1982193bfa99a62389e9c52af92c
7bd91ee23f28d737002d23f10eac06cfe3e07461
a96bfcab875c742d46334a6ea60728af69db4b0ff5d26f75a8af431e3c9f0732
GET /login/wp-content/plugins/cf7-add-password-field/css/all.css?ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:37:59 GMT
vary: Accept-Encoding
etag: W/"63d63067-11f69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 71c50cb909022f062ca4dabb60cd7dac
0d5048a4ca70bb942a02dbb1b5ac111960bdd473
172f35e8db404b0b3b944394ab4d92262a6cf0f3e16b9ff71bbeec5e8bb39912
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2750
Cache-Control: max-age=104327
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Etag: "63dbf7b1-118"
Expires: Sat, 04 Feb 2023 18:35:27 GMT
Last-Modified: Thu, 02 Feb 2023 17:49:37 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 71c50cb909022f062ca4dabb60cd7dac
0d5048a4ca70bb942a02dbb1b5ac111960bdd473
172f35e8db404b0b3b944394ab4d92262a6cf0f3e16b9ff71bbeec5e8bb39912
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2750
Cache-Control: max-age=104327
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Etag: "63dbf7b1-118"
Expires: Sat, 04 Feb 2023 18:35:27 GMT
Last-Modified: Thu, 02 Feb 2023 17:49:37 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 264c757814627b3fd5c373f962d25a4b
971e0e82b9c625cf25ff908ae58f56d00562c118
895b9e9b27703db1c6cb28dd7100dba2e600cb628a9122e7bd92c2990db1cec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:40 GMT
Last-Modified: Fri, 03 Feb 2023 13:16:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
104.16.85.5200 OK 35 B URL HTTP/2 forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
IP 104.16.85.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: image/gif
content-length: 35
x-trace: 2B44A9997DBC61CEC13B51CEC7FF17255585E44BB4000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin
x-hubspot-correlation-id: d0cd9b7b-f00a-4269-9a85-b593af1c4dee
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793b8e8f8eff0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 264c757814627b3fd5c373f962d25a4b
971e0e82b9c625cf25ff908ae58f56d00562c118
895b9e9b27703db1c6cb28dd7100dba2e600cb628a9122e7bd92c2990db1cec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1207
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Last-Modified: Fri, 03 Feb 2023 13:16:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash aa5809ba834dbb2d2aeb01e4d7858cab
a5feba654026fec8871aa252344e41923e05f2f6
c1a90a4571f53704311269a2e6cdb6ca20041515cba71b4392adc134b098d3a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Last-Modified: Fri, 03 Feb 2023 11:51:39 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5282
Cache-Control: max-age=99613
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 17:16:54 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8d777e9406316814b36e3c580cccd4c8
7653df86c61ff7c801e35da9eeca3ecc70c7d7e8
2c4bb952aa3359712306a7c20b845627ee26689aacdb2560a61fc175e7c0c731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 11:45:20 GMT
expires: Fri, 03 Feb 2023 13:45:20 GMT
cache-control: public, max-age=7200
age: 6681
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash b838ac4bfe10194ce870fa25b04d7d70
c64670dad1b8e0cbb56ad849b6e02bc5fbe32422
abf1322bfedbb368e494709d83b308d34d6f78d6cc67b45c488256726e338c96
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d0b725beb9e39ce15787229798fe7eb9
etag: "e7258b65159d6e93cd1eacc7507e4a3e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Feb 2023 13:41:00 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: uDisS/4QGUzocPolsE19cA==
x-fb-debug: omwEtLM9ZIau3o/Z38dhogy3/efAZiyHgCpNu3rDZFib/GrwRPASWMUQFZPMg+pWgMI+V4lR3A7eriLog+A9Ng==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Fri, 03 Feb 2023 13:36:41 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eform2290.com/favicon.ico
3.80.0.188200 OK 15 kB URL HTTP/2 www.eform2290.com/favicon.ico
IP 3.80.0.188:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b318162ebb96ab24069bf950db19d444
5a01d9740b2944f70db9bcd5eb368f2f468e5ea4
e49b5841c0738ac4a96eea9b351d3eddeb77830e167c693ec2a4e865f0f21037
GET /favicon.ico HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Cookie: _gcl_au=1.1.1904116091.1675431431
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:41 GMT
content-type: image/x-icon
content-length: 15406
set-cookie: AWSALB=BZSUyt2aGgxGyRkkJf+hCAcsa4RURbkU6pLrUuMylVDTrmg61KKJwRtYk3SF4OyOK/g9ZLwIwxO4JjuILpYoCBkjAAVKtFcaYsoznUXpvson/RrmdtEkBeK0CalD; Expires=Fri, 10 Feb 2023 13:36:41 GMT; Path=/
AWSALBCORS=BZSUyt2aGgxGyRkkJf+hCAcsa4RURbkU6pLrUuMylVDTrmg61KKJwRtYk3SF4OyOK/g9ZLwIwxO4JjuILpYoCBkjAAVKtFcaYsoznUXpvson/RrmdtEkBeK0CalD; Expires=Fri, 10 Feb 2023 13:36:41 GMT; Path=/; SameSite=None; Secure
cache-control: max-age=2592000
last-modified: Fri, 27 Jan 2023 10:08:22 GMT
accept-ranges: bytes
etag: "f82ac493732d91:0"
vary: Accept-Encoding, User-Agent
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-security-policy: default-src *; style-src 'self' https://* http://* 'unsafe-inline'; script-src 'self' https://* http://* 'unsafe-inline' 'unsafe-eval';img-src * 'self' data: https:;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5282
Cache-Control: max-age=99613
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 17:16:54 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/952235328/?random=1675431431042&cv=11&fst=1675431431042&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&auid=1904116091.1675431431&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 901 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/952235328/?random=1675431431042&cv=11&fst=1675431431042&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&auid=1904116091.1675431431&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1971), with no line terminators
Hash f8c15bd84c4e06de081ba5227ac7dff4
f7069cf1011c357d7fa41121b7acc8351c8201fd
e69c81d4e33dfae3dbe2745ae82de4b0ed04cf163b135d4fc8fbe280e24142c9
GET /pagead/viewthroughconversion/952235328/?random=1675431431042&cv=11&fst=1675431431042&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&auid=1904116091.1675431431&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 13:51:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Fri, 03 Feb 2023 17:18:00 GMT
Date: Fri, 03 Feb 2023 13:36:41 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j99&a=1674855702&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1062878972&gjid=1324046638&cid=1991471737.1675431432&tid=UA-26348509-2&_gid=1330186641.1675431432&_r=1&_slc=1>m=457e3210&z=844426757
216.239.32.178200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1674855702&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1062878972&gjid=1324046638&cid=1991471737.1675431432&tid=UA-26348509-2&_gid=1330186641.1675431432&_r=1&_slc=1>m=457e3210&z=844426757
IP 216.239.32.178:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=1674855702&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1062878972&gjid=1324046638&cid=1991471737.1675431432&tid=UA-26348509-2&_gid=1330186641.1675431432&_r=1&_slc=1>m=457e3210&z=844426757 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.eform2290.com
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/952235328/?random=1675431431049&cv=11&fst=1675431431049&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&auid=1904116091.1675431431&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 902 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/952235328/?random=1675431431049&cv=11&fst=1675431431049&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&auid=1904116091.1675431431&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1973), with no line terminators
Hash 688610d008353c12c0c4c9894213ff33
ba190fb2c1f342ff822b81930f67e145acd05845
eef98063b59ae6897f1455abf177d3f734eb345859d9552465d8c1b7ba5a9869
GET /pagead/viewthroughconversion/952235328/?random=1675431431049&cv=11&fst=1675431431049&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&auid=1904116091.1675431431&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 902
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 13:51:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 47497
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Fri, 03 Feb 2023 17:18:00 GMT
Date: Fri, 03 Feb 2023 13:36:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 56985
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 54471
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Fri, 03 Feb 2023 17:18:00 GMT
Date: Fri, 03 Feb 2023 13:36:41 GMT
Connection: keep-alive
script.hotjar.com/modules.bca0d1c28285412bb689.js
54.230.111.73200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.bca0d1c28285412bb689.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (49086)
Hash e923aa360dc485b9df86355bd040c998
03c46dbd41e9d4bdf8a9e4bfbaba3f7f2e9280ec
9c7575553c5b81f9b905dbb27c8116b175b69e7472aa6597f8cace1c6434d676
GET /modules.bca0d1c28285412bb689.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67924
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e923aa360dc485b9df86355bd040c998"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZPr1LtZ25w7QCJo0ADT7QZNQgBjN3wtfMAm87WVqqff8t2kwli9fLA==
age: 1595
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 31400
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13279
Expires: Fri, 03 Feb 2023 17:18:00 GMT
Date: Fri, 03 Feb 2023 13:36:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 22634
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP :0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 54528
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/gsi/style
142.250.74.45200 OK 772 B URL HTTP/2 accounts.google.com/gsi/style
IP 142.250.74.45:0
Hash a58eea76d2170bd3ffccb1edd53a18d5
15541ccfb30ffee10048b433972355262e8c380f
0b1c3e2cafff9fd8602834a93838cee7770b6fffc46b834d90abb32dc76cf7e2
GET /gsi/style HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
expires: Fri, 03 Feb 2023 13:36:41 GMT
date: Fri, 03 Feb 2023 13:36:41 GMT
cache-control: private, max-age=86400
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: script-src 'nonce-5JzSQ5sufTVm7oUVC7xTsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NFAibQGdoRp78JH0tnfYmenuLUzoEc9WkraVpb0SvXayW92JAUhqag==
age: 1595
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/952235328/?random=1675431431049&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2168917654&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/952235328/?random=1675431431049&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2168917654&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/952235328/?random=1675431431049&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2168917654&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/952235328/?random=1675431431042&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=454712085&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/952235328/?random=1675431431042&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=454712085&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/952235328/?random=1675431431042&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=454712085&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/952235328/?random=1675431431049&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2168917654&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/952235328/?random=1675431431049&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2168917654&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/952235328/?random=1675431431049&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2168917654&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/952235328/?random=1675431431042&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=454712085&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/952235328/?random=1675431431042&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=454712085&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/952235328/?random=1675431431042&cv=11&fst=1675429200000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.eform2290.com%2Flogin%2F&tiba=2290%20online%20login%20%7C%202290%20Instructions%20%7C%20eform2290%20login&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=454712085&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 13:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/preact-incoming-feedback.9bb61543ccb59ac3872b.js
54.230.111.73200 OK 35 kB URL HTTP/2 script.hotjar.com/preact-incoming-feedback.9bb61543ccb59ac3872b.js
IP 54.230.111.73:0
Hash a424df2d9d52361a4dcdb7a44b1f22af
5564c00d027172226de174a05735f5721a3ff5a1
4a7c13661437ebb8cf801ab1758675d8a3a9997f85a8be8c4c0dc54d0846afbf
GET /preact-incoming-feedback.9bb61543ccb59ac3872b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 34550
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "a424df2d9d52361a4dcdb7a44b1f22af"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ENx5GnXUx70N3LprDrx18LeEgT064oIqWfr1MROrZOy8rgsx0AkdJQ==
age: 1595
X-Firefox-Spdy: h2
script.hotjar.com/font-hotjar_5.65042d.woff2
54.230.111.73200 OK 2.2 kB URL HTTP/2 script.hotjar.com/font-hotjar_5.65042d.woff2
IP 54.230.111.73:0
File type Web Open Font Format (Version 2), TrueType, length 2188, version 1.0\012- data
Hash c9fb9163f8b7be37023ebe649688bebf
8a045f40cc0f0035d41679c522334277f9f2de59
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
GET /font-hotjar_5.65042d.woff2 HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 2188
date: Thu, 19 Jan 2023 03:50:33 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
etag: "c9fb9163f8b7be37023ebe649688bebf"
last-modified: Wed, 18 Jan 2023 16:09:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fR46_ay7J02oufo3XR92e7o_CSUfCttH-b9SM5tF-m8gc6HrnEnpIA==
age: 1331168
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 280141043257105b3595ff426d2273a0
1bf9128e4aa4c785f77853a5af50c18c1aee9485
e6da03e355cfad082f0fcee6351561ebe402304c35a327d287251229274e5470
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 13:36:41 GMT
Last-Modified: Fri, 03 Feb 2023 12:50:59 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lt-O15UI3juwmOJfBqQj_qcL2Z1yDq_TlCdIyTPy313XW1bo3LqjiA==
Age: 2742
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
142.250.74.163200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Hash 48d399faaa696e710b9d841b934461e2
8b867014ac0ae0a2b81a55f171deede8336a496f
c905a4d23caf1f95d96c244084f15336fba5f65b74de870ec5c2be878410625d
GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:10:02 GMT
expires: Mon, 29 Jan 2024 12:10:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
age: 437199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
142.250.74.163200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP 142.250.74.163:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Hash 097c4b560f821fb05c628abb70fab199
4650bf1244b6cba45b222aa269c96ad8ea95ab42
a9bd7cfb72481bd844fa2e3cd4019c8b2ab2a232b50cabe62f8d9483e284f672
GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 12:42:55 GMT
expires: Thu, 01 Feb 2024 12:42:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
age: 176026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1675431300000/20728395.js
104.17.71.176200 OK 22 kB URL HTTP/2 js.hs-analytics.net/analytics/1675431300000/20728395.js
IP 104.17.71.176:0
File type ASCII text, with very long lines (62490)
Hash 9ba589008eafdab01f178e4290818aaf
28ce6de401b564314e431dcb2f9d5e742b1aa063
32856d0f310958d0577a0492b914b0957aea2c3b3a140b34d831198734f57d0c
GET /analytics/1675431300000/20728395.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:41 GMT
content-type: text/javascript
x-amz-id-2: dkQIzJg4WXOCvSm18AAnDrtpzjfKtgqFp70vrQuNkpuusY/EMf91HhBn46l5PEuKVbsQ0ujGJ28=
x-amz-request-id: P47BWSGKNV7F2DRC
last-modified: Wed, 18 Jan 2023 21:00:40 GMT
etag: W/"06d344860204fd291e22cf8ac115ebfe"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Fri, 03 Feb 2023 13:41:41 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 793b8e90994d0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26348509-2&cid=1991471737.1675431432&jid=1062878972&gjid=1324046638&_gid=1330186641.1675431432&_u=YEBAAUAAAAAAACAAI~&z=311641814
173.194.222.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26348509-2&cid=1991471737.1675431432&jid=1062878972&gjid=1324046638&_gid=1330186641.1675431432&_u=YEBAAUAAAAAAACAAI~&z=311641814
IP 173.194.222.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-26348509-2&cid=1991471737.1675431432&jid=1062878972&gjid=1324046638&_gid=1330186641.1675431432&_u=YEBAAUAAAAAAACAAI~&z=311641814 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.eform2290.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 13:36:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ws24.hotjar.com/api/v2/client/ws
52.19.243.176101 Switching Protocols 0 B URL HTTP/1.1 ws24.hotjar.com/api/v2/client/ws
IP 52.19.243.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws24.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.eform2290.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uDLoAtWaITFN2ocv09sTdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 03 Feb 2023 13:36:41 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PKhbyce2sBj/qfup3dvrIvcZK/8=
Sec-WebSocket-Extensions: permessage-deflate
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash df046691ff10d3721401b906b676c346
de1dea9a515c9a715a6cce2f3c324eec36961b6e
8600116dd0e570e6ac712a198923c256ccdf7dedd145e8555aaebcb1b9026aea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 13:36:41 GMT
Last-Modified: Fri, 03 Feb 2023 11:53:57 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b3vXZJ60G3Tr4ZOZ2G5fj_gV6Tm9toPs9qeOFcWlpC9VzrNmCJY5Ow==
Age: 6164
content.hotjar.io/
54.194.34.1200 OK 56 B IP 54.194.34.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 297a8ad85a5b3fd02c80ae6f9478761e
b3eadce98510c80d9e89c34d97c432be9c393ec5
823264c3c64987a59f946e05a4176771611c2e7ff82d48c4ca09578e12bb1a7e
POST / HTTP/1.1
Host: content.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 138333
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:42 GMT
content-type: application/json
content-length: 56
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
accounts.google.com/gsi/button?type=standard&shape=rectangular&text=signin&size=large&logo_alignment=center&width=250&client_id=957711396209-vn71u7m5gj1s3jt1mia18vpmg24ddo3i.apps.googleusercontent.com&iframe_id=gsi_432240_78489&as=l4krZAfrnlhWLexCh8aOfQ
142.250.74.45200 OK 0 B URL HTTP/2 accounts.google.com/gsi/button?type=standard&shape=rectangular&text=signin&size=large&logo_alignment=center&width=250&client_id=957711396209-vn71u7m5gj1s3jt1mia18vpmg24ddo3i.apps.googleusercontent.com&iframe_id=gsi_432240_78489&as=l4krZAfrnlhWLexCh8aOfQ
IP 142.250.74.45:0
GET /gsi/button?type=standard&shape=rectangular&text=signin&size=large&logo_alignment=center&width=250&client_id=957711396209-vn71u7m5gj1s3jt1mia18vpmg24ddo3i.apps.googleusercontent.com&iframe_id=gsi_432240_78489&as=l4krZAfrnlhWLexCh8aOfQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Feb 2023 13:36:41 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-efAY0tQw6oJeatr0_8PPag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-json/contact-form-7/v1/contact-forms/1574/refill
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-json/contact-form-7/v1/contact-forms/1574/refill
IP 3.80.0.188:0
GET /login/wp-json/contact-form-7/v1/contact-forms/1574/refill HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.eform2290.com/login/
Connection: keep-alive
Cookie: _gcl_au=1.1.1904116091.1675431431; _ga=GA1.2.1991471737.1675431432; _gid=GA1.2.1330186641.1675431432; _gat_gtag_UA_26348509_2=1; AWSALB=BZSUyt2aGgxGyRkkJf+hCAcsa4RURbkU6pLrUuMylVDTrmg61KKJwRtYk3SF4OyOK/g9ZLwIwxO4JjuILpYoCBkjAAVKtFcaYsoznUXpvson/RrmdtEkBeK0CalD; AWSALBCORS=BZSUyt2aGgxGyRkkJf+hCAcsa4RURbkU6pLrUuMylVDTrmg61KKJwRtYk3SF4OyOK/g9ZLwIwxO4JjuILpYoCBkjAAVKtFcaYsoznUXpvson/RrmdtEkBeK0CalD; _hjSessionUser_979904=eyJpZCI6IjA5ZGM5NGVlLTdhMTQtNWIxNC1hNzg5LTJlOTRjZjQzOWQ3NyIsImNyZWF0ZWQiOjE2NzU0MzE0MzIzMzUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_979904=eyJpZCI6IjFkMTgzZWRiLTI3ZDYtNDFhYy1hNzEyLWU4YjJmNGQ2NTUwZiIsImNyZWF0ZWQiOjE2NzU0MzE0MzI0MDEsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:41 GMT
content-type: application/json; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
x-robots-tag: noindex
link: <https://www.eform2290.com/login/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 3.80.0.188:0
GET /login/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:40:55 GMT
vary: Accept-Encoding
etag: W/"63d63117-172a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
forms.hubspot.com/collected-forms/v1/config/json?portalId=20728395&utk=
104.19.155.83200 OK 0 B URL HTTP/2 forms.hubspot.com/collected-forms/v1/config/json?portalId=20728395&utk=
IP 104.19.155.83:0
GET /collected-forms/v1/config/json?portalId=20728395&utk= HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: application/json;charset=utf-8
vary: origin
x-hubspot-correlation-id: 5f77c3a7-bdca-4eda-9541-ab46915a3c5a
access-control-allow-credentials: false
access-control-allow-origin: https://www.eform2290.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=ClvbE_bJ1kaBeJq9BAZjLvYRw7poesjde9Yb4mm9m0k-1675431400-0-AQ+Hwym+iTTcwfcB/oU5Jc/YVw36jmDMGexKB2DQe4GD1bA2nlsvdwrDLlWO8k7jQ6wUgVIVHuGIBGmfcqVccOo=; path=/; expires=Fri, 03-Feb-23 14:06:40 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D%2FCABLa5qyUQCT3mvou3Pe8tLs4N8KeFxbprpKU9KKKqGs8z3sB%2BFjGcVhA9QJUHlZWeSc57aVPR0WU5AwUVpQnwrnfH%2B719WggtO5q4bMlKAVdL54uHVhqYmR5J%2FQf5YUw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793b8e8e8e16b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/css/form-style.css?ver=6.1.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/css/form-style.css?ver=6.1.1
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/assets/css/form-style.css?ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 09 Nov 2022 08:50:32 GMT
vary: Accept-Encoding
etag: W/"636b69d8-32c8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/Oxygen-Mobile-Sub-Menu-master/assets/js/sub-menus.js?ver=1.1.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/Oxygen-Mobile-Sub-Menu-master/assets/js/sub-menus.js?ver=1.1.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/Oxygen-Mobile-Sub-Menu-master/assets/js/sub-menus.js?ver=1.1.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
vary: Accept-Encoding
etag: W/"62d96329-864"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
js.hs-scripts.com/20728395.js
104.17.211.204200 OK 0 B URL HTTP/2 js.hs-scripts.com/20728395.js
IP 104.17.211.204:0
GET /20728395.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B089EC7A84179E23448DC8B025E6192E3A6947389000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: e88daae4-171e-479c-97c0-71bd7a7f1fb8
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.eform2290.com
last-modified: Fri, 03 Feb 2023 13:36:40 GMT
cf-cache-status: MISS
expires: Fri, 03 Feb 2023 13:37:40 GMT
server: cloudflare
cf-ray: 793b8e88a8f3b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=6bc6d90c6e96650ff3446d12c3a9d59d
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=6bc6d90c6e96650ff3446d12c3a9d59d
IP 31.13.72.12:0
GET /en_US/sdk.js?hash=6bc6d90c6e96650ff3446d12c3a9d59d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d0efb7e9a57e08690a10ed0df0856c81
etag: "6bbc933d874d85b6a7f3196a48291edb"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Feb 2024 11:03:45 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: cwAjrs/AOCsR6HRWF9ZZ8A==
x-fb-debug: sbNu04bIzk/ZnSposZI7+v6wJ8Tyj/BhnTZlhqdkgw3kxtMOm9NkIbY1f2gVMZei2DfvhUlBG+Kt3+Jj8MzsJA==
content-length: 86989
x-fb-trip-id: 1904183273
date: Fri, 03 Feb 2023 13:36:41 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.hs-banner.com/v2/20728395/banner.js
104.18.33.171200 OK 0 B URL HTTP/2 js.hs-banner.com/v2/20728395/banner.js
IP 104.18.33.171:0
GET /v2/20728395/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: Gnavk5nAKK7Wam/BFwX0kRYugZ/c897H2rSFo3lRML11XBfRGpOzHa8OGED3xA6byV4NlAtB+q0=
x-amz-request-id: B9MXEEHSK1WH5JGX
last-modified: Thu, 26 Jan 2023 19:51:35 GMT
etag: W/"c95916e16f55a3aa8f6f6b238be22b7f"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: frpkG5tePnlfA8zpRMd9mRf9p_TwYQn2
access-control-allow-origin: https://www.eform2290.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Fri, 03 Feb 2023 13:41:40 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 793b8e8bfbe0b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/constants.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/constants.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/assets/js/constants.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 09 Nov 2022 04:15:33 GMT
vary: Accept-Encoding
etag: W/"636b2965-285"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/cache.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/cache.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/services/cache.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 11 Jan 2023 10:25:31 GMT
vary: Accept-Encoding
etag: W/"63be8e9b-10c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/wp-google-analytics-events/js/dist/frontend-scripts.min.js?ver=1.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/wp-google-analytics-events/js/dist/frontend-scripts.min.js?ver=1.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/wp-google-analytics-events/js/dist/frontend-scripts.min.js?ver=1.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 21 Jul 2022 14:31:05 GMT
vary: Accept-Encoding
etag: W/"62d96329-1379"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/form-validation-login.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/form-validation-login.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/assets/js/form-validation-login.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 29 Dec 2022 10:38:32 GMT
vary: Accept-Encoding
etag: W/"63ad6e28-1c12"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.4
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.4
IP 3.80.0.188:0
GET /login/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.4 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:42:05 GMT
vary: Accept-Encoding
etag: W/"63d6315d-5003"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/fetchWrapper.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/fetchWrapper.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/services/fetchWrapper.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 10 Nov 2022 05:27:14 GMT
vary: Accept-Encoding
etag: W/"636c8bb2-5c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-json/contact-form-7/v1/contact-forms/1574/feedback/schema
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-json/contact-form-7/v1/contact-forms/1574/feedback/schema
IP 3.80.0.188:0
GET /login/wp-json/contact-form-7/v1/contact-forms/1574/feedback/schema HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.eform2290.com/login/
Connection: keep-alive
Cookie: _gcl_au=1.1.1904116091.1675431431
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: application/json; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
x-robots-tag: noindex
link: <https://www.eform2290.com/login/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/storageWrapper.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/storageWrapper.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/services/storageWrapper.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 04 Aug 2022 08:59:22 GMT
vary: Accept-Encoding
etag: W/"62eb8a6a-163"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/label.js?ver=1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/label.js?ver=1
IP 3.80.0.188:0
Analyzer Verdict Alert fortinet Malware
GET /login/wp-content/plugins/resource-enqueuer/assets/js/label.js?ver=1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Tue, 08 Nov 2022 08:06:36 GMT
vary: Accept-Encoding
etag: W/"636a0e0c-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 3.80.0.188:0
GET /login/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:40:54 GMT
vary: Accept-Encoding
etag: W/"63d63116-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/oxygen/css/1568.css?cache=1674981785&ver=6.1.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/uploads/oxygen/css/1568.css?cache=1674981785&ver=6.1.1
IP 3.80.0.188:0
GET /login/wp-content/uploads/oxygen/css/1568.css?cache=1674981785&ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:43:05 GMT
vary: Accept-Encoding
etag: W/"63d63199-13ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/ef_utils.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/services/ef_utils.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/services/ef_utils.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 11 Jan 2023 11:13:27 GMT
vary: Accept-Encoding
etag: W/"63be99d7-656"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/oxygen/css/universal.css?cache=1674981779&ver=6.1.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/uploads/oxygen/css/universal.css?cache=1674981779&ver=6.1.1
IP 3.80.0.188:0
GET /login/wp-content/uploads/oxygen/css/universal.css?cache=1674981779&ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:42:59 GMT
vary: Accept-Encoding
etag: W/"63d63193-129ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 3.80.0.188:0
GET /login/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:44:43 GMT
vary: Accept-Encoding
etag: W/"63d631fb-2945"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/js/eye.js?ver=6.1.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/cf7-add-password-field/js/eye.js?ver=6.1.1
IP 3.80.0.188:0
GET /login/wp-content/plugins/cf7-add-password-field/js/eye.js?ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:37:59 GMT
vary: Accept-Encoding
etag: W/"63d63067-157"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
js.hscollectedforms.net/collectedforms.js
104.17.130.171200 OK 0 B URL HTTP/2 js.hscollectedforms.net/collectedforms.js
IP 104.17.130.171:0
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:40 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:49:13 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: SN4HXBautbT5xHa4DdPckLpyluwLE8QR
etag: W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: J2rPTypvmIXUrP4ZVRJtSS9JpvdWttJslJftXyU89OF6s09JO72weg==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=793b8e8bdc04b51d-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.312/bundles/project.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: MISS
server: cloudflare
cf-ray: 793b8e8bdc04b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/fblogin.js?ver=9.9.0
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/plugins/resource-enqueuer/assets/js/fblogin.js?ver=9.9.0
IP 3.80.0.188:0
GET /login/wp-content/plugins/resource-enqueuer/assets/js/fblogin.js?ver=9.9.0 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: application/javascript
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 04 Aug 2022 08:59:22 GMT
vary: Accept-Encoding
etag: W/"62eb8a6a-621"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-979904.js?sv=5
54.230.111.39200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-979904.js?sv=5
IP 54.230.111.39:0
GET /c/hotjar-979904.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 13:36:41 GMT
cache-control: max-age=60
etag: W/d65e14d3769e2b08bb03d4953fcbd1e9
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5UdlYvyKOLNxPBanegLMsSww3xfoq5SbojvDPGI60XKpuWjmvCdCpw==
X-Firefox-Spdy: h2
www.eform2290.com/login/
3.80.0.188200 OK 0 B IP 3.80.0.188:0
GET /login/ HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
last-modified: Fri, 03 Feb 2023 06:40:59 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.eform2290.com/login/wp-content/uploads/oxygen/css/1553.css?cache=1674981786&ver=6.1.1
3.80.0.188200 OK 0 B URL HTTP/2 www.eform2290.com/login/wp-content/uploads/oxygen/css/1553.css?cache=1674981786&ver=6.1.1
IP 3.80.0.188:0
GET /login/wp-content/uploads/oxygen/css/1553.css?cache=1674981786&ver=6.1.1 HTTP/1.1
Host: www.eform2290.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:39 GMT
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 29 Jan 2023 08:43:06 GMT
vary: Accept-Encoding
etag: W/"63d6319a-2149"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/gsi/client
142.250.74.45200 OK 0 B URL HTTP/2 accounts.google.com/gsi/client
IP 142.250.74.45:0
GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Fri, 03 Feb 2023 13:36:41 GMT
date: Fri, 03 Feb 2023 13:36:41 GMT
cache-control: private, max-age=1800
content-security-policy: script-src 'nonce-1n2KH2qHwJ5F0GJjrcuNDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/979904/visit-data?sv=5
63.32.143.51200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/979904/visit-data?sv=5
IP 63.32.143.51:0
POST /api/v2/client/sites/979904/visit-data?sv=5 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.eform2290.com
Connection: keep-alive
Referer: https://www.eform2290.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 13:36:41 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2