fondlink.fond.co/ls/click?upn=dxcsLPn-2BPJghqstrxQR9L31rMTpCRnGAwA7M2u5ENS4TgTQ4MFeButCREPEvGHwIfq7c3H8uV2GM0uXWb5vQHLqSaHrX9GXWYSbrrzeqNQ9R7OxOmVRES1RDviJhn-2FczLUKnLLynWw73yMq5kLl-2BE0NxR7x1q3KGNG6A1-2FrRTA0-3DiUJ5_tRSoNy6DHIKtyCaruBpIsPl4R-2Ffia-2FNLAp1hecF5WjiIerJ9pzD2GmCJaXbgVcPFVoLbCxfbiRMrCEdaaiv5erySitLEMGo3X68PUPXmgiLoCw6xCD-2BYkj0XUr-2BmKZPUmnLWUzBR1XghQeIXk-2B4bG7I-2Fvm0-2BVCHkKHXGW0sUZSeNvw-2Fxfn1zWoCIZy-2FCJl69vTKTfx7xdLkuu63Kv-2Fue98HauQmwDB2p4kyERLx57g7RMtKxNN6f2NpReNoyGH-2BU2uFlTuivZYEP8J8m81qKgHeocFbqmRyYsxAxpzoFWqSYVevfYNdjcxbteCX7hAVt5yem6heLQs-2BlMBfYaivm-2FlT9LRw86t6CV7yPISpLlYLrB1ca1EYQ7c9B7Lciei4zog-2FpGHB9w-2BCU2HRgTFnzvSeIDjBGGJ83ODnSKJAyzGM-3D
167.89.123.54302 Found 145 B URL HTTP/1.1 fondlink.fond.co/ls/click?upn=dxcsLPn-2BPJghqstrxQR9L31rMTpCRnGAwA7M2u5ENS4TgTQ4MFeButCREPEvGHwIfq7c3H8uV2GM0uXWb5vQHLqSaHrX9GXWYSbrrzeqNQ9R7OxOmVRES1RDviJhn-2FczLUKnLLynWw73yMq5kLl-2BE0NxR7x1q3KGNG6A1-2FrRTA0-3DiUJ5_tRSoNy6DHIKtyCaruBpIsPl4R-2Ffia-2FNLAp1hecF5WjiIerJ9pzD2GmCJaXbgVcPFVoLbCxfbiRMrCEdaaiv5erySitLEMGo3X68PUPXmgiLoCw6xCD-2BYkj0XUr-2BmKZPUmnLWUzBR1XghQeIXk-2B4bG7I-2Fvm0-2BVCHkKHXGW0sUZSeNvw-2Fxfn1zWoCIZy-2FCJl69vTKTfx7xdLkuu63Kv-2Fue98HauQmwDB2p4kyERLx57g7RMtKxNN6f2NpReNoyGH-2BU2uFlTuivZYEP8J8m81qKgHeocFbqmRyYsxAxpzoFWqSYVevfYNdjcxbteCX7hAVt5yem6heLQs-2BlMBfYaivm-2FlT9LRw86t6CV7yPISpLlYLrB1ca1EYQ7c9B7Lciei4zog-2FpGHB9w-2BCU2HRgTFnzvSeIDjBGGJ83ODnSKJAyzGM-3D
IP 167.89.123.54:0
File type HTML document, ASCII text
Hash da817ce6da4e6c545f651e91bc2e37d0
a250e41ee63b0464f37a2232cd324f0238f71b89
aea066b3101f1d0b3edfc9d5b41eb6d3c2d6fa578a51042205bfe0f58caa1dfa
GET /ls/click?upn=dxcsLPn-2BPJghqstrxQR9L31rMTpCRnGAwA7M2u5ENS4TgTQ4MFeButCREPEvGHwIfq7c3H8uV2GM0uXWb5vQHLqSaHrX9GXWYSbrrzeqNQ9R7OxOmVRES1RDviJhn-2FczLUKnLLynWw73yMq5kLl-2BE0NxR7x1q3KGNG6A1-2FrRTA0-3DiUJ5_tRSoNy6DHIKtyCaruBpIsPl4R-2Ffia-2FNLAp1hecF5WjiIerJ9pzD2GmCJaXbgVcPFVoLbCxfbiRMrCEdaaiv5erySitLEMGo3X68PUPXmgiLoCw6xCD-2BYkj0XUr-2BmKZPUmnLWUzBR1XghQeIXk-2B4bG7I-2Fvm0-2BVCHkKHXGW0sUZSeNvw-2Fxfn1zWoCIZy-2FCJl69vTKTfx7xdLkuu63Kv-2Fue98HauQmwDB2p4kyERLx57g7RMtKxNN6f2NpReNoyGH-2BU2uFlTuivZYEP8J8m81qKgHeocFbqmRyYsxAxpzoFWqSYVevfYNdjcxbteCX7hAVt5yem6heLQs-2BlMBfYaivm-2FlT9LRw86t6CV7yPISpLlYLrB1ca1EYQ7c9B7Lciei4zog-2FpGHB9w-2BCU2HRgTFnzvSeIDjBGGJ83ODnSKJAyzGM-3D HTTP/1.1
Host: fondlink.fond.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 24 Nov 2022 05:52:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 145
Connection: keep-alive
Location: https://fond.app.link/S7tXhL61bvb?utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals&utm_source=fond.co
X-Robots-Tag: noindex, nofollow
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4172
Expires: Thu, 24 Nov 2022 07:02:02 GMT
Date: Thu, 24 Nov 2022 05:52:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6530
Cache-Control: max-age=109656
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:30 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:20:06 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 05:17:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2116
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4929
Expires: Thu, 24 Nov 2022 07:14:39 GMT
Date: Thu, 24 Nov 2022 05:52:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uK8wp0XF9QCvcMsE3O3JbYPWKBYj6yeHIXEXZ1vDcBAJRpzMgZiqk2sv4oOa2a+960HSeQyOusg=
x-amz-request-id: 9AE9KAWD2MC6R9VV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 05:43:17 GMT
age: 553
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:52:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 2618
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fond.app.link/S7tXhL61bvb?utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals&utm_source=fond.co
54.230.111.23307 Temporary Redirect 401 B URL HTTP/2 fond.app.link/S7tXhL61bvb?utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals&utm_source=fond.co
IP 54.230.111.23:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (401), with no line terminators
Hash b12abe2d6d2b5bebd00440fd7e54e5bf
42da496b84723831eb307970cf7edc5fd9455e8d
c989cd8b4f080823fed9ab8d83924d76c98cb584d76420d5a109d6539e3d6119
GET /S7tXhL61bvb?utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals&utm_source=fond.co HTTP/1.1
Host: fond.app.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
location: http://fond.co/perks/10988?utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&utm_source=fond.co&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%2BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA
server: openresty
date: Thu, 24 Nov 2022 05:52:30 GMT
set-cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Fri, 24 Nov 2023 05:52:30 GMT; Secure
last-modified: Thu, 24 Nov 2022 05:52:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xAY9jf3hpTql0HE1zmOIU0NazwDJkLmuF8T4KwZGo8QZkSto_tl5SQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6397
Cache-Control: max-age=104459
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:31 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:53:30 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 84d0dc0cddfc1dbfdc07dac3caab559c
7ba2af972d8803f1eadfa668079e685571dc26f0
e1d4c6e19d2bbaa1ad28dcb04b0be2fe29a55f7fac17d04e2c4842967cd832e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:52:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 17:22:12 GMT
Expires: Wed, 30 Nov 2022 17:22:11 GMT
Etag: "7ba2af972d8803f1eadfa668079e685571dc26f0"
Cache-Control: max-age=559179,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efe105fc73b50b-OSL
push.services.mozilla.com/
54.187.102.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.102.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: knGhyjsEYkoCHVMXYdY+1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ud1hKUxQjCfx2B+oCEht1JTdiLM=
fond.co/perks/10988?utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&utm_source=fond.co&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%2BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA
52.52.65.159200 OK 15 kB URL HTTP/1.1 fond.co/perks/10988?utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&utm_source=fond.co&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%2BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA
IP 52.52.65.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24290)
Hash 5d91ea0ed1009d6cd37b116ee06babac
11618a27b93df295894ebb771bb0c2b16513cf5c
4c36c8a9ecb14222fc5ebbf51d974362360a88388564afa161fad6eff0502690
GET /perks/10988?utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&utm_source=fond.co&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%2BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA HTTP/1.1
Host: fond.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Nov 2022 05:52:31 GMT
ETag: W/"7cfc9a3e108d6e883dce7b2d32c3b69e"
Link: <//d2ozb2dzx6fukc.cloudfront.net/assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css>; rel=preload; as=style; nopush,<//d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css>; rel=preload; as=style; nopush,<//d2ozb2dzx6fukc.cloudfront.net/assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js>; rel=preload; as=script; nopush,<//d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js>; rel=preload; as=script; nopush
Server: nginx
Set-Cookie: _anpk_session=51243a6c6d474ac3befb91f5c6b5a2a0; domain=.fond.co; path=/; secure; HttpOnly; SameSite=Lax
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 47b18357-67ed-48af-81ed-6734f0a241e7
X-Runtime: 0.052759
X-UA-Compatible: IE=Edge,chrome=1
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive
d2ozb2dzx6fukc.cloudfront.net/assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js
54.230.245.47200 OK 202 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js
IP 54.230.245.47:0
File type C source, ASCII text, with very long lines (32750)
Size 202 kB (201829 bytes)
Hash 9dab4f3802f816bf4ef6967c1ac49d71
a1becab723d413f81a9995755aef587f84fd4b43
b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c
GET /assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 201829
accept-ranges: bytes
last-modified: Thu, 11 Aug 2022 23:01:57 GMT
server: nginx
date: Thu, 24 Nov 2022 05:50:43 GMT
etag: "62f58a65-31465"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: frGIxBkylfP0YIYffkY9xRffBePWhmypjOs4npoAmAnzIWDmBCEhrA==
age: 79784
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css
54.230.245.47200 OK 792 B URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css
IP 54.230.245.47:0
File type ASCII text, with very long lines (2291)
Hash a958c4b428470cdf6985863bd751fc6f
e13c4dd1db2cf2b0e7704626e7ce972febd2f461
7cb0ee71dde190b9269b845d70ef46575553121043137f5392c891da710b9bef
GET /assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 792
content-encoding: gzip
last-modified: Tue, 18 Jul 2017 00:48:20 GMT
server: nginx
date: Wed, 23 Nov 2022 11:14:41 GMT
etag: W/"596d5ad4-8f4"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gXSBF445-F0fWVTZ5ly3_ZVU2k1ZNzBYMlBVtbSGxaIsKqYyV_UlVw==
age: 67071
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js
54.230.245.47200 OK 3.6 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js
IP 54.230.245.47:0
File type ASCII text, with very long lines (3520)
Hash 966337129ea0ba0935195597b0e5c5d6
56410a8b946ec5949d6357801766808e0ac2790e
da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69
GET /assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3641
accept-ranges: bytes
last-modified: Tue, 18 Jul 2017 00:48:20 GMT
server: nginx
date: Thu, 24 Nov 2022 05:50:43 GMT
etag: "596d5ad4-e39"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2f2Qs3aUPUGsHGC0yshpJpz0HITtbyz8gJmSaWPbaz-kDBqZq1nCYA==
age: 71396
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3212
Cache-Control: max-age=159626
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:12:58 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
cdn.optimizely.com/js/288518099.js
23.38.200.155200 OK 64 kB URL HTTP/2 cdn.optimizely.com/js/288518099.js
IP 23.38.200.155:0
File type ASCII text, with very long lines (723)
Hash d242752c29c1140a1230958dcdec79cd
ec180fa14f301144520d8cc8d9df1507e7ad21b7
827c6d5d3642e985be446f0f7cc9bbd9dd3ad0f374136a8296d0d2e613df1b16
GET /js/288518099.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oRvO6ZwXkurRRJd6PaNPP38aoGvhfkFlr+3QRPMT4Xv/xVFvgAbAKq2NNV/v9cyRnmWC4pAHfxo=
x-amz-request-id: KV4JVG604ZP6Z97X
last-modified: Wed, 31 May 2017 16:49:58 GMT
etag: "d242752c29c1140a1230958dcdec79cd"
x-amz-meta-revision: 419
content-encoding: gzip
x-amz-version-id: J..LoSndXXLEVdxpmcMRUtdT4KTDVcvv
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 63916
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 24 Nov 2022 05:52:32 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="11";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v2/
151.101.84.176200 OK 20 kB IP 151.101.84.176:0
File type ASCII text, with very long lines (32015)
Hash 1525f13ee9f77d2b5dfcea88fa83b328
afbad498fb1ef9b17f990e02ace467a3bdb0a8c2
17312b5e480f3a7c401ed6b09912b1ae413a18595d46fb93b5f1aa40e3279664
GET /v2/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 12:42:55 GMT
etag: "4e0e5080f8f45588fcc33b82ee08fa3c"
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:52:32 GMT
via: 1.1 varnish
age: 108
x-request-id: 73957a7f-27c1-4da2-80e7-2ce48818191a
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
timing-allow-origin: *
content-length: 19860
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 55bc30743496fc60ba35a242c2d2f0a8
5119b5b017f39b3379556534f2ca4e3cedd4fa3b
0addb4cc5a85506efa7c0f820e1ebcb1383bf4d4cd53f895df54a402b196959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v3/
151.101.84.176200 OK 98 kB IP 151.101.84.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 33ce25622a9174df5e500c4eaaa59025
6320c6bbbf3bb0fdb24c2d89429801de0f3f0cf3
0d2a1bcc296db5f01716d984140fc99a1da76591562adc3580355654c7dfb255
GET /v3/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:09:16 GMT
etag: "0811280c436e51c657484d591864732e"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:52:32 GMT
via: 1.1 varnish
age: 21
x-request-id: 2e4979ad-eac5-428d-b942-afa36a72ec71
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 97906
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-24269933-12
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-24269933-12
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 95533d0f692e92a4c0693a70452a0ee1
c1e58b9358af701e38b4d0353b7e40a60f1ef4f2
d2fea6f585bb83f4d3d929c98247abddae924ef80c0963934a50948f61a5e161
GET /gtag/js?id=UA-24269933-12 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:52:32 GMT
expires: Thu, 24 Nov 2022 05:52:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43617
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
142.250.74.2200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (2772)
Hash ac7574cbc5b2e85b7ddfa76b8657e59d
2bbeec5531576d6352b1c2b74e0e05c1ea10251d
bdf1e52afba9d671ea698707f97e8609de6360c502dc7b6eed2f40f979e08387
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:52:32 GMT
expires: Thu, 24 Nov 2022 05:52:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16359567893097152046
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NBWWFKS
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NBWWFKS
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 119d37da039542f0761d3a5eac397886
39008984c5bebdf17b39dbae6477ab9919dfc73a
6f2d4a35acf1a583168f135bf206b31c3aea767c71213714b2a92d24c0d8fd81
GET /gtm.js?id=GTM-NBWWFKS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:52:32 GMT
expires: Thu, 24 Nov 2022 05:52:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05681a05de8df6e408ae41032401b73f
f4824b4863e26866b10cd45a8cb422c339997035
97ab2238b53d233622081c75f7c60621eea9ae85c19c7ae958cfdbd685f39ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff
54.230.245.47200 OK 118 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/fonts/GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff
IP 54.230.245.47:0
File type Web Open Font Format, TrueType, length 117680, version 1.0\012- data
Size 118 kB (117680 bytes)
Hash a3db5049b9e83b55d319b954063b65c3
d411d70b0d817d4a0fe0f3dad20ff9634105ce3a
6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7
GET /assets/fonts/GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fond.co
Connection: keep-alive
Referer: https://d2ozb2dzx6fukc.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 117680
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 23 Nov 2022 12:54:02 GMT
etag: "596d5ad4-1cbb0"
last-modified: Tue, 18 Jul 2017 00:48:20 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Do6QbR6cNPqhSoOCAtxS1twnv4QNUeerREWG8sZxqfd8wnxj5-3n1g==
age: 61110
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/AnyPerk-Regular-f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd.woff
54.230.245.47200 OK 8.5 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/fonts/AnyPerk-Regular-f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd.woff
IP 54.230.245.47:0
File type Web Open Font Format, TrueType, length 8548, version 1.0\012- data
Hash 41b384daff555fa87116ff7ee991e33b
7e83d83d4f2690201a49ae8d76508fb4e4aefec4
f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd
GET /assets/fonts/AnyPerk-Regular-f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd.woff HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fond.co
Connection: keep-alive
Referer: https://d2ozb2dzx6fukc.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 8548
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 23 Nov 2022 12:54:02 GMT
etag: "633f5122-2164"
last-modified: Thu, 06 Oct 2022 22:05:22 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2Yv8HaGSXFBHXEnUJCwzXiM3ExeCY6v10MLbbvSUFq-ueFVTIrvscg==
age: 61110
X-Firefox-Spdy: h2
js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default823035&stripe_xdm_p=1
151.101.84.176200 OK 449 B URL HTTP/2 js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default823035&stripe_xdm_p=1
IP 151.101.84.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 250041ec585b44caf68fa5da96deddb7
6181d59d0ff064f6247ceeeea57115a7047dd0c3
cb194361f8db863c735879c44ae409a928ced752d34e3dd703c47d11bf17fcb1
GET /v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default823035&stripe_xdm_p=1 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 15:24:12 GMT
etag: "19af0c6cc7a0bca20a355b3362dc64a0"
content-type: text/html; charset=utf-8
cache-control: public, max-age=300
content-security-policy: report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: default-src 'self'; connect-src https://api.stripe.com; base-uri 'none'; form-action 'none'; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-M1LJiJCn3XBCZ1erCVATqpCSJ5Yd9sUrS2npRlBZ6YE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:52:32 GMT
via: 1.1 varnish
age: 48
x-request-id: de3772de-94d3-4405-8108-aef36374af7a
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
timing-allow-origin: *
content-length: 449
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
151.101.84.176200 OK 122 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 151.101.84.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:52:32 GMT
via: 1.1 varnish
age: 899227
x-request-id: 4235949c-942e-4328-aabc-c096a6842d5c
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 34498
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
151.101.84.176200 OK 332 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 151.101.84.176:0
File type ASCII text, with very long lines (526)
Hash ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:52:32 GMT
via: 1.1 varnish
age: 899227
x-request-id: 0c9c9002-0cb1-4959-9178-fb639b23a7ae
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 29263
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/common/fond_logo-54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6.png
54.230.245.47200 OK 2.3 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/common/fond_logo-54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6.png
IP 54.230.245.47:0
File type PNG image data, 198 x 56, 8-bit colormap, non-interlaced\012- data
Hash 57da21f7984f1c0a95d223d9cc155f95
1eed55cae2cab5f8f690e19efa831de14aee130c
54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6
GET /assets/common/fond_logo-54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6.png HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2304
accept-ranges: bytes
last-modified: Tue, 16 Mar 2021 16:17:48 GMT
server: nginx
date: Thu, 24 Nov 2022 05:50:44 GMT
etag: "6050da2c-900"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QVKSCiy0he3Xdh9km_JfRjYLHFogbnabQGsnqWlY2zTvC9iKzrDhag==
age: 52759
X-Firefox-Spdy: h2
d1ikbwk92wlcol.cloudfront.net/production1/home.js?20221122221529
54.230.245.197200 OK 1.1 MB URL HTTP/1.1 d1ikbwk92wlcol.cloudfront.net/production1/home.js?20221122221529
IP 54.230.245.197:0
File type Unicode text, UTF-8 text, with very long lines (54639)
Size 1.1 MB (1065653 bytes)
Hash 42654b562371c884a923ad01570fb242
57b3426b560cba8ccfb2fd721777ac90c7791b4a
17d4ce85d476c18348c50717ec6e38f04e263a2992fc242be7462959d03cb580
GET /production1/home.js?20221122221529 HTTP/1.1
Host: d1ikbwk92wlcol.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1065653
Connection: keep-alive
Date: Tue, 22 Nov 2022 22:23:30 GMT
Last-Modified: Tue, 22 Nov 2022 22:14:14 GMT
ETag: "42654b562371c884a923ad01570fb242"
Cache-Control: max-age=315360000, no-transform, public
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: i4s2k3F3E6f5gDTs3PmFu_-tieuczB2qgfnoyAL7P3FRNpacUfFDbA==
Age: 113343
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 04:41:08 GMT
expires: Thu, 24 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 4284
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2169
Expires: Thu, 24 Nov 2022 06:28:41 GMT
Date: Thu, 24 Nov 2022 05:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2169
Expires: Thu, 24 Nov 2022 06:28:41 GMT
Date: Thu, 24 Nov 2022 05:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2169
Expires: Thu, 24 Nov 2022 06:28:41 GMT
Date: Thu, 24 Nov 2022 05:52:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2169
Expires: Thu, 24 Nov 2022 06:28:41 GMT
Date: Thu, 24 Nov 2022 05:52:32 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/981506770/?random=1669269152372&cv=9&fst=1669269152372&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.34200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981506770/?random=1669269152372&cv=9&fst=1669269152372&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2773), with no line terminators
Hash 6e79671cb2af47ebc638d7814d154acc
8c16be75dd64ea6f4a7271962323e468692ab3a7
0350c2303169cca5273497e6b96e8fd3ab74590b3f660afbc4eb0f1c952ff037
GET /pagead/viewthroughconversion/981506770/?random=1669269152372&cv=9&fst=1669269152372&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1164
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 06:07:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:04 GMT
age: 29008
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 27856
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:51 GMT
age: 27941
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1535634498&t=pageview&_s=1&dl=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&ul=en-us&de=UTF-8&dt=Ikon%20Pass%20on%20Fond&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAEABAAAAACAAI~&jid=1168985907&gjid=84988341&cid=66253097.1669269153&tid=UA-24269933-12&_gid=1084433669.1669269153&_r=1>m=2wgb90NBWWFKS&z=81341242
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1535634498&t=pageview&_s=1&dl=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&ul=en-us&de=UTF-8&dt=Ikon%20Pass%20on%20Fond&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAEABAAAAACAAI~&jid=1168985907&gjid=84988341&cid=66253097.1669269153&tid=UA-24269933-12&_gid=1084433669.1669269153&_r=1>m=2wgb90NBWWFKS&z=81341242
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1535634498&t=pageview&_s=1&dl=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&ul=en-us&de=UTF-8&dt=Ikon%20Pass%20on%20Fond&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAEABAAAAACAAI~&jid=1168985907&gjid=84988341&cid=66253097.1669269153&tid=UA-24269933-12&_gid=1084433669.1669269153&_r=1>m=2wgb90NBWWFKS&z=81341242 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Content-Type: text/plain
Content-Length: 0
Origin: https://fond.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://fond.co
date: Thu, 24 Nov 2022 05:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1404c6b865808ea73ca5b2062fefecc0
c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:51:07 GMT
age: 28885
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 29080
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ac60e832454b4658f4f7f09b2c120c4
4c20adfe72d6b01777f840445d57c891230e5b32
ec1f4393eebaf1c4229fbda2524bd150191ca4067fe368e6a35ad4d65b8df59c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8776
x-amzn-requestid: 7c511f0c-198d-44d5-bc52-29f698fca910
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvynEFBoAMFdJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9343-686e25237fb06f5031ffa88e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5lsQ6fLfCKcIKmn8Fzl1ZkjOSUh6YTn4lH1OWKUXhQeAW0HzSv51JQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:50:57 GMT
age: 28895
etag: "4c20adfe72d6b01777f840445d57c891230e5b32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 3affd355de4cb12a78e6bdb74c2df116
214fc8d7e049b788fbd1ff583c40045040b11267
a1975d7c6b6e766136878973cfacceedd4eca11babfd32721a3e21b3dab03073
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 05:52:32 GMT
Last-Modified: Thu, 24 Nov 2022 04:16:20 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IlCuSCZrGKCLR1LDgaJjQQzdx53Y0_afmPAcc0rfeM-uVCcsXIASzQ==
Age: 5772
go.toutapp.com/site/emmpd57j9c?title=Ikon%20Pass%20on%20Fond&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA
54.197.94.229200 OK 0 B URL HTTP/2 go.toutapp.com/site/emmpd57j9c?title=Ikon%20Pass%20on%20Fond&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA
IP 54.197.94.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/emmpd57j9c?title=Ikon%20Pass%20on%20Fond&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA HTTP/1.1
Host: go.toutapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:52:33 GMT
content-type: text/javascript;charset=utf-8
content-length: 0
status: 200 OK
cache-control: no-cache
x-rack-cache: miss
x-request-id: 0268f3f4feb78787d1fd849e0b67db0d
x-ua-compatible: IE=Edge,chrome=1
set-cookie: linker_guid=d935b908-7adf-4f63-bd16-bf4aa2f9a541; domain=.toutapp.com; path=/; expires=Wed, 24-Nov-2027 10:56:23 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/981506770/?random=1669269152372&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&fmt=3&is_vtc=1&random=2925192960&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/981506770/?random=1669269152372&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&fmt=3&is_vtc=1&random=2925192960&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981506770/?random=1669269152372&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&fmt=3&is_vtc=1&random=2925192960&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:52:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/981506770/?random=1669269152372&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&fmt=3&is_vtc=1&random=2925192960&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/981506770/?random=1669269152372&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&fmt=3&is_vtc=1&random=2925192960&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981506770/?random=1669269152372&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F10988%3Futm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26utm_source%3Dfond.co%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9YPNi%252BJyPAxM0wqS7IvLcmNz01NySzNtU3NTczMUQMJJCfmFiRmpufZGhqqGrkZGYMII22nnMTkbG23osyUxEptl9TEnGKw4uL80qLkVFuwFcn5AHfxqyhyAAAA&tiba=Ikon%20Pass%20on%20Fond&fmt=3&is_vtc=1&random=2925192960&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:52:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 426133ba6dfc4d15e0cb4c7b2dabd3fe
17cddc28ede33c87d7dcb9700f39b70c19c644dd
4fcae487b293113493e2fc379ccc680a9189a7dc34165f25ed26f9e05d3a4c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:52:33 GMT
Last-Modified: Thu, 24 Nov 2022 04:31:21 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 640ac735900c76fea0d1601d03c169b2
85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3
0b6d19b0b5825dd47a7ae7c89fd61e8f3a10adb52913b2642874baa35500df63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:52:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 21:46:56 GMT
Expires: Tue, 29 Nov 2022 21:46:55 GMT
Etag: "85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3"
Cache-Control: max-age=488661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efe110ff16b50b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 640ac735900c76fea0d1601d03c169b2
85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3
0b6d19b0b5825dd47a7ae7c89fd61e8f3a10adb52913b2642874baa35500df63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:52:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 21:46:56 GMT
Expires: Tue, 29 Nov 2022 21:46:55 GMT
Etag: "85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3"
Cache-Control: max-age=488661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efe110ff2ab512-OSL
sessions.bugsnag.com/
35.190.88.7200 OK 0 B IP 35.190.88.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: sessions.bugsnag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Referer: https://fond.co/
Origin: https://fond.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 24 Nov 2022 05:52:33 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:52:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 737
x-timer: S1669269154.706175,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
m.stripe.com/6
52.43.63.177200 OK 156 B IP 52.43.63.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8e50796c316f32791d6c3e1cc44bf8ae
86102e17d1c331aa7eb3f9a9749af1b5c32d1ff4
6e57e4f458b4eeba9249472587860f2580f1bb81c789c87d83b845a61a3178c6
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2228
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:52:33 GMT
content-length: 156
set-cookie: m=52b765a2-9696-4743-8588-5ed9b3ed1d38ac860e;Expires=Sat, 23-Nov-2024 05:52:33 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
sessions.bugsnag.com/
35.190.88.7202 Accepted 21 B IP 35.190.88.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1807ffa1d44e667592a0f91c668ba65b
4d48849fa0f6917c9c57ed958680e9a1e722382b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
POST / HTTP/1.1
Host: sessions.bugsnag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Content-Type: application/json
Bugsnag-Api-Key: 45f87da0e729716791f4c429aa8a9954
Bugsnag-Payload-Version: 1
Bugsnag-Sent-At: 2022-11-24T05:52:33.185Z
Content-Length: 396
Origin: https://fond.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
access-control-allow-origin: *
content-type: application/json
date: Thu, 24 Nov 2022 05:52:33 GMT
content-length: 21
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 640ac735900c76fea0d1601d03c169b2
85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3
0b6d19b0b5825dd47a7ae7c89fd61e8f3a10adb52913b2642874baa35500df63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:52:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 21:46:56 GMT
Expires: Tue, 29 Nov 2022 21:46:55 GMT
Etag: "85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3"
Cache-Control: max-age=488661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efe112685fb50b-OSL
bam.nr-data.net/1/f835ddceab?a=2895449&v=1216.487a282&to=JV5dEBRYWlpQExgTUhRaQEsVX1lB&rst=3370&ck=1&ref=https://fond.co/perks/10988&ap=51&be=1856&fe=3210&dc=2281&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1669269150150,%22n%22:0,%22f%22:973,%22dn%22:978,%22dne%22:979,%22c%22:980,%22s%22:1137,%22ce%22:1461,%22rq%22:1461,%22rp%22:1674,%22rpe%22:1832,%22dl%22:1842,%22di%22:2225,%22ds%22:2280,%22de%22:2305,%22dc%22:3209,%22l%22:3209,%22le%22:3210%7D,%22navigation%22:%7B%7D%7D&fcp=2215&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/f835ddceab?a=2895449&v=1216.487a282&to=JV5dEBRYWlpQExgTUhRaQEsVX1lB&rst=3370&ck=1&ref=https://fond.co/perks/10988&ap=51&be=1856&fe=3210&dc=2281&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1669269150150,%22n%22:0,%22f%22:973,%22dn%22:978,%22dne%22:979,%22c%22:980,%22s%22:1137,%22ce%22:1461,%22rq%22:1461,%22rp%22:1674,%22rpe%22:1832,%22dl%22:1842,%22di%22:2225,%22ds%22:2280,%22de%22:2305,%22dc%22:3209,%22l%22:3209,%22le%22:3210%7D,%22navigation%22:%7B%7D%7D&fcp=2215&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/f835ddceab?a=2895449&v=1216.487a282&to=JV5dEBRYWlpQExgTUhRaQEsVX1lB&rst=3370&ck=1&ref=https://fond.co/perks/10988&ap=51&be=1856&fe=3210&dc=2281&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1669269150150,%22n%22:0,%22f%22:973,%22dn%22:978,%22dne%22:979,%22c%22:980,%22s%22:1137,%22ce%22:1461,%22rq%22:1461,%22rp%22:1674,%22rpe%22:1832,%22dl%22:1842,%22di%22:2225,%22ds%22:2280,%22de%22:2305,%22dc%22:3209,%22l%22:3209,%22le%22:3210%7D,%22navigation%22:%7B%7D%7D&fcp=2215&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:52:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76efe1135e8ffac8-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=5fabaca7d7b32874; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
d2ozb2dzx6fukc.cloudfront.net/assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css
54.230.245.47200 OK 0 B URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css
IP 54.230.245.47:0
GET /assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 22:05:22 GMT
server: nginx
date: Wed, 23 Nov 2022 10:45:46 GMT
etag: W/"633f5122-1b166"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o4P2xsjKnKZJBGBscZ0c_Pyt-F1KoSu6yOlvVaIA4Xp8ozRXqCxV7Q==
age: 68806
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
54.230.111.85200 OK 0 B URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 54.230.111.85:0
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Thu, 24 Nov 2022 05:48:03 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mDmRC7iHq6j9bVDjamAGPAA9xo0wx6ErpnESO-boWEbMSjubMMTa1A==
age: 297
X-Firefox-Spdy: h2
d17yvb56124x4l.cloudfront.net/perks/images/10988/original.jpg?1601506959
143.204.42.119200 OK 0 B URL HTTP/2 d17yvb56124x4l.cloudfront.net/perks/images/10988/original.jpg?1601506959
IP 143.204.42.119:0
GET /perks/images/10988/original.jpg?1601506959 HTTP/1.1
Host: d17yvb56124x4l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 191105
last-modified: Wed, 30 Sep 2020 23:02:41 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 15:34:15 GMT
etag: "66596c480ea00777d73ae16cea50a450"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mqG-nGZ-2G5EajcOnF5cQkIM5qmnkP_BLnbtq7JtTG7baKZXXf5feg==
age: 51498
X-Firefox-Spdy: h2