engage.freshmarketadvantage.com/aff_c?offer_id=337&aff_id=11&aff_sub=FD1TCS59&aff_sub2=russell.simmons@slurpmail.net&aff_sub3=123&aff_sub4=2022-10-26%2020:00:37&aff_sub5=[POSTURL]&email=russell.simmons@memphistn.gov
54.78.61.231302 Found 439 B URL HTTP/1.1 engage.freshmarketadvantage.com/aff_c?offer_id=337&aff_id=11&aff_sub=FD1TCS59&aff_sub2=russell.simmons@slurpmail.net&aff_sub3=123&aff_sub4=2022-10-26%2020:00:37&aff_sub5=[POSTURL]&email=russell.simmons@memphistn.gov
IP 54.78.61.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (305)
Hash 425a2ce625e1f1bc7606751d28555764
8b0f1d11df15f1d3417252e9975ecfda15bcf8de
daefd4e143724ceedb60bb9f6483db64bd304c9e50d46a3d7f221971d562d565
GET /aff_c?offer_id=337&aff_id=11&aff_sub=FD1TCS59&aff_sub2=russell.simmons@slurpmail.net&aff_sub3=123&aff_sub4=2022-10-26%2020:00:37&aff_sub5=[POSTURL]&email=russell.simmons@memphistn.gov HTTP/1.1
Host: engage.freshmarketadvantage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 29 Nov 2022 23:59:51 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 439
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://offer.speedy5kloan.com?aid=503475&acid=26&subid=11:FD1TCS59&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_337=ENC036105525ffebdc8115af42ae5b0a41c340e584de38bfb9e04e53a52d91028aa1c168fb22061625e18517b4c89fa9864005243291d180b413cdfb9a224b08e53ddacddd1903f8139588c75985c8132b999800204977b918a24be36f1dc3e18c1e4a10f6f71ebe2478a7ca48d60e19f13437aee91ffb2befab66c4b41bb1da3f9e88f988c086c7f4cf2f1a583615664c2144f82243813c8c1685858b1c96177e315e08853b70dce3b297281ac82d333a09e86849cd9c9bbab57dd4dcfdfef7ede151525648e; expires=Thu, 29 Dec 2022 23:59:51 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Fri, 24 Oct 2025 10:39:51 GMT; path=/; SameSite=None; Secure
Tracking_id: 10240d519785945e2ebc26262bfb75
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: d706f228c90dd91243d2f40a3e4b1a7d
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5988
Expires: Wed, 30 Nov 2022 01:39:39 GMT
Date: Tue, 29 Nov 2022 23:59:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4196
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:59:51 GMT
Etag: "63866b87-37"
Last-Modified: Tue, 29 Nov 2022 20:28:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 55
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3196
Expires: Wed, 30 Nov 2022 00:53:07 GMT
Date: Tue, 29 Nov 2022 23:59:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 23:17:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2515
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ClKehbY2aKbVPqbC84M2T+VUWbz8RgOOsvKmpiAvA9CPXpKeKXlwqksOIHJopJSBynG3QYqQ6lE=
x-amz-request-id: KH5XGEEHBPVCSEYV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 23:45:00 GMT
age: 891
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 23:59:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 3056
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 55 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 55
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:59:52 GMT
Etag: "638650c5-37"
Last-Modified: Tue, 29 Nov 2022 18:34:45 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -AD2wb_Wx4lBFDmSA7aA87s9qE5EqJBMFPr5qcrt3X5rhgSejpW5bg==
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6047
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Tue, 29 Nov 2022 23:59:52 GMT
Etag: "63866bb2-37"
Last-Modified: Tue, 29 Nov 2022 20:29:38 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 55
offer.speedy5kloan.com/?aid=503475&acid=26&subid=11:FD1TCS59&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
35.80.122.153200 OK 410 B URL HTTP/2 offer.speedy5kloan.com/?aid=503475&acid=26&subid=11:FD1TCS59&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
IP 35.80.122.153:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (679), with CRLF line terminators
Hash ac596f5c63a6f03d7621264a9bc11dca
030c25bf8d7df8f7a1595626364d4c074181794b
d0422fa65961906e842861b626330bee20f403f08f62ee0a2382e059efb1fe2d
GET /?aid=503475&acid=26&subid=11:FD1TCS59&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid} HTTP/1.1
Host: offer.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:52 GMT
content-type: text/html; charset=UTF-8
content-length: 410
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
x-powered-by: PHP/7.4.25
refresh: 1; url=https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={"srtr":1,"ertr":1,"psrtr":1,"bcktr":1,"pv":[11,13]}&xi_tft={"rtrcid":"503475~e4481a22~1610211","xi_tier":"1"}&odata={"aid":"503475","acid":"26","subid":"11:FD1TCS59","x_offerid":"337","x_clickid":"10240d519785945e2ebc26262bfb75","email":"russell.simmons@memphistn.gov","fname":"{fname}","lname":"{lname}","xi_resid":"{resid}","xi_oclkid":"{kid}","x_psac":"3708"}
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ca1FlPP1ReOsd0RKFaVr+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l3ccDcsoE8fZo44hT2e6aYqHw9Y=
offer.speedy5kloan.com/favicon.ico
35.80.122.153404 Not Found 196 B URL HTTP/2 offer.speedy5kloan.com/favicon.ico
IP 35.80.122.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: offer.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offer.speedy5kloan.com/?aid=503475&acid=26&subid=11:FD1TCS59&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname={fname}&lname={lname}&xi_resid={resid}&xi_oclkid={kid}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 29 Nov 2022 23:59:52 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 95adbf3991d9e7391a5fb203bc6567f7
8f31889ab1eac955730ed3b3e676c3be540adfc4
e55ec8b32b10f67d3de6ff636498178e941b53acd43ef5654f811f3f25d7c176
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4650
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:53 GMT
Last-Modified: Tue, 29 Nov 2022 22:42:23 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/css/google_fonts.css?version=1669710080
44.228.143.47200 OK 1.2 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/css/google_fonts.css?version=1669710080
IP 44.228.143.47:0
Hash 8108c6011ba65ac5f0610b05074e9950
5f39fe89039d79a2926d9256081cd91497203964
b0c689c20a67111ad0b928d9be91f0aa8e2847e4719b00e9c1b18dd484859436
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/funnel/pvexl42step/final/lib/css/google_fonts.css?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: text/css
content-length: 1167
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "161a-5ee97ac3f1ffc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validate_119.js?version=1669710080
44.228.143.47200 OK 9.7 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validate_119.js?version=1669710080
IP 44.228.143.47:0
File type Unicode text, UTF-8 text, with very long lines (24292)
Hash 2d29a91f4da2add72ef6d7a71d2a29a6
67a3dfcd09c184128f76d7b3a33507f0ae3d86ee
9fe41ee1c8bbe47173dd9fd6cd6951029df7fb6f90c89513570b1ed95305d3ab
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validate_119.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
content-length: 9726
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "5f6e-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validation_methods_119.js?version=1669710080
44.228.143.47200 OK 7.8 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validation_methods_119.js?version=1669710080
IP 44.228.143.47:0
File type Unicode text, UTF-8 text, with very long lines (22514)
Hash 6834ecad7088cefc2a704c93a45f06e7
e41df4f655ec226532df22891793f50f9dbebd6d
f07e88fdfdfda9917a7f371a6ef10032bacd13e328e6e71ebca7398c9b28ec86
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_validation_methods_119.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
content-length: 7805
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "5883-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/template/funnel/pvexl42step/L4/DynamicRLA-wCS/style.css?version=1669710081
44.228.143.47200 OK 6.6 kB URL HTTP/2 www.speedy5kloan.com/common/template/funnel/pvexl42step/L4/DynamicRLA-wCS/style.css?version=1669710081
IP 44.228.143.47:0
Hash 848a84c24b0ab976b9d36a4ea9428bb8
bcb930bd62ed9b65bdc0aea3d690f9b2c3972960
c4516c421c694c714d7f2b5b4d01ef12629ec400f34c431dd9c1e4833fe7467f
GET /common/template/funnel/pvexl42step/L4/DynamicRLA-wCS/style.css?version=1669710081 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: text/css
content-length: 6612
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:21 GMT
etag: "6307-5ee97ac471eea-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 55 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 55
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:59:53 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4jMgQ4mlbKHh3yXOur9oT8ZfDc8pO-5NcjU_9ZmyP-uDbUt1fQt9Ew==
Age: 2447
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 78118c158200e73ba73414b36129796a
37d3a6af0cbf2e1aef6a52f34456d4fa493fd843
d42b989fef1b99f8dde83dcdced332223ecfd470d4f3e0a89683a4415eacbcd5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 23:59:53 GMT
Etag: "6384a03a-1d7"
Last-Modified: Tue, 29 Nov 2022 23:11:23 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bG9miUUz9jug_-mzau1PcAENRH1jWInRtwrjPiA5k3a7ysAc_2SjuA==
Age: 2910
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 78118c158200e73ba73414b36129796a
37d3a6af0cbf2e1aef6a52f34456d4fa493fd843
d42b989fef1b99f8dde83dcdced332223ecfd470d4f3e0a89683a4415eacbcd5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131872
Date: Tue, 29 Nov 2022 23:59:53 GMT
Etag: "6385f1bb-1d7"
Expires: Thu, 01 Dec 2022 12:37:45 GMT
Last-Modified: Tue, 29 Nov 2022 11:49:15 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DJkqpGMbpbE75-hL3NsSvurDfbRH9W3W8wj0JYjHLhJ3bX2qdLFTsA==
Age: 2910
img.emlasts.com/epcvip/ac-icons/chevron-right.png
143.204.55.73200 OK 280 B URL HTTP/2 img.emlasts.com/epcvip/ac-icons/chevron-right.png
IP 143.204.55.73:0
File type PNG image data, 13 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 8608fe7805f9b2cc600d488487ae4b8f
77905d057928f48036bbd182f0b3306b76d7486c
bd0f9937b7933017c088172977ba87a577e80f1786c30ee92cc4030690b1fd69
GET /epcvip/ac-icons/chevron-right.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 280
last-modified: Thu, 11 Mar 2021 23:32:01 GMT
x-amz-version-id: eGPQONq.wABFUcImR8OR.6golFu.9eyT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 01:04:03 GMT
etag: "8608fe7805f9b2cc600d488487ae4b8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: --qHU9ZdDZ4Dc7m_-AWVsFI-0llbgWgVCmwqNQALaMCDnAobUj2Utg==
age: 82550
cache-control: max-age=31536000
X-Firefox-Spdy: h2
offer.speedy5kloan.com/pxl.php?rxid=503475~e4481a22~1610211&tdat=11:FD1TCS59&evt=J1
35.80.122.153200 OK 43 B URL HTTP/2 offer.speedy5kloan.com/pxl.php?rxid=503475~e4481a22~1610211&tdat=11:FD1TCS59&evt=J1
IP 35.80.122.153:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /pxl.php?rxid=503475~e4481a22~1610211&tdat=11:FD1TCS59&evt=J1 HTTP/1.1
Host: offer.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: image/gif
content-length: 43
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, accept-encoding, accept-language, host, referer, user-agent
x-powered-by: PHP/7.4.25
vary: User-Agent
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/worker-07.jpg
143.204.55.73200 OK 27 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/worker-07.jpg
IP 143.204.55.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Hash c43fbbb54845c8a46eaaa9a547653b39
d4a6699278f98dc83a445e511950fbe665d169a8
1f1f396e24884a8c24ba29fb60b167cd51c64b22cab0922c4b43e629fdf29b9f
GET /epcvip/ac-icons/worker-07.jpg HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 26786
date: Tue, 29 Nov 2022 00:43:35 GMT
last-modified: Thu, 01 Apr 2021 22:04:51 GMT
etag: "c43fbbb54845c8a46eaaa9a547653b39"
x-amz-version-id: 7w7isLoDcH69.UW.mZA695oQSQH5X2uL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c2BvF08qXsqk4EXuQLGNcNf_imGGdp1mlBIWtCZIkfIklZLTlEl_qg==
age: 83779
cache-control: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8213
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Tue, 29 Nov 2022 23:59:53 GMT
Connection: keep-alive
img.emlasts.com/epcvip/ac-icons-grey/icon-ownhome.png
143.204.55.73200 OK 6.4 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons-grey/icon-ownhome.png
IP 143.204.55.73:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 586dacd0c109fa905b7edb0ef4abdefe
3b419acc60e26aacf2a8dd1fc08460bb25f636a2
fd5bf883ed0f5bf746fd4abd0a6a43b9b19380682308aab6cae85f189ddd25a9
GET /epcvip/ac-icons-grey/icon-ownhome.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6367
last-modified: Sat, 23 Nov 2019 00:18:30 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 05:45:10 GMT
etag: "586dacd0c109fa905b7edb0ef4abdefe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: METURstBQKnGmyYkmBIVrzSF2BDuzr9E8rcU6ZobZ_8xAO0IQtUU0A==
age: 65684
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/secure-ssl3.png
143.204.55.73200 OK 7.3 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/secure-ssl3.png
IP 143.204.55.73:0
File type PNG image data, 200 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 831f890e664ce35d7f0554e2126078aa
6ed787560e553674d14d58e279c3e299414009f8
855b0a95aeeb8aa9486858e43e750dd74ca266ffd79078426ccd1b60f5e270f2
GET /epcvip/ac-icons/secure-ssl3.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 7289
last-modified: Thu, 29 Oct 2020 17:38:08 GMT
x-amz-version-id: wR0zkLiUqp1C6RY7mam1Yg4lA3JtwZ0j
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 06:43:18 GMT
etag: "831f890e664ce35d7f0554e2126078aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: If4X88ZGqOouEE64qYzHm55C_g_baC6W6V1hviOgZTg536PysdEImQ==
age: 62196
cache-control: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8213
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Tue, 29 Nov 2022 23:59:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8213
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Tue, 29 Nov 2022 23:59:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dTu4TnkeBj5Jm6nU8CA37pptq4F43BUYXcAJPcXro47W1MJriiVrcw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
age: 8118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e08af5b1d18986e112913c6e69cc8ce6
151b60134a66305bd72dbb3810f67a57720b2af1
555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:48 GMT
age: 8105
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 6328
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3c7e8351884491aeab9323c004bc3f3
127ac68bac21c88ffc6e09cc6666e93de4746a1f
e6fa04c502105c43c85c00d39481d2598c6d8fd56540e10107b6668c51597ae4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8498
x-amzn-requestid: f6b92060-88d4-49bd-b60e-94d99feca4e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYiBaGPOIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867d3c-331dacfb087d23881924eef9;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:44:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Zv5zu1q8h4GFU6agEcDzSVFYuvF74qu7UBnovs3vH5jpu17cmyxjQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:50 GMT
age: 8104
etag: "127ac68bac21c88ffc6e09cc6666e93de4746a1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 6502
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 8105
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 55 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 55
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:59:54 GMT
Etag: "63866b9a-37"
Last-Modified: Tue, 29 Nov 2022 20:29:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9nMOZ2CtbDP9wwj1gWWkzMENRUfX8TIdkiqZtE72wPWCF79_hoP0bQ==
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_cookie_141.js?version=1669710080
44.228.143.47200 OK 696 B URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_cookie_141.js?version=1669710080
IP 44.228.143.47:0
File type ASCII text, with very long lines (1266)
Hash 61d49a466143545253d40c6c6a91226d
4f7f06c8b9794690bf1d513126156b46185a6c30
7319fe517f9aac436543b8bc617df02f653023519622d8a0c064368946961f5a
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_cookie_141.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
content-length: 696
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "514-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_mask_114.js?version=1669710080
44.228.143.47200 OK 3.7 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_mask_114.js?version=1669710080
IP 44.228.143.47:0
File type ASCII text, with very long lines (1024)
Hash 6e4835c7754f969f87db2aec362f93d7
5e99b01c948bca2ce3f1b464420ca24008869516
e37e47c1692b9f3d3f4fecb8530b88330559c88aa29e4697d85dccd774e4e6c8
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_mask_114.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
content-length: 3741
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "218e-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/bootstrap_341.js?version=1669710080
44.228.143.47200 OK 15 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/bootstrap_341.js?version=1669710080
IP 44.228.143.47:0
File type ASCII text, with very long lines (39553)
Hash 4ca1581bbfa1769fd90081a0d3b217db
aa70415458ccab5aaefabac126a0e32197cad909
3a1f15a5e529a47aa078b75a643bc3c3d9755d11745e231423074883a394526f
GET /common/assets/js/funnel/pvexl42step/final/lib/js/bootstrap_341.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
content-length: 15342
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "9b00-5ee97ac3f1ffc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/icon_success.png
143.204.55.73200 OK 12 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/icon_success.png
IP 143.204.55.73:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 646beb0fefb01ebf9006e7722c5b4611
17cb12b9b3ae6322c8dcf28f5e3832910e384525
bcba7e55c4cbbebd3ab071c189c875aebd5999ecd1c7ef835da7fed4e81bb692
GET /epcvip/ac-icons/icon_success.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 11695
last-modified: Thu, 11 Mar 2021 22:01:06 GMT
x-amz-version-id: vue7UWARodNTQ1z3_MZFfQrXOvBUZEpx
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 02:26:55 GMT
etag: "646beb0fefb01ebf9006e7722c5b4611"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GH7WWcCRGwfJBptw7zauE2EAS5CsbMxxPkCh7GFJVHSeJEfgifCzQw==
age: 77580
cache-control: max-age=31536000
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/local-storage-wrapper.js?version=1669710080
44.228.143.47200 OK 447 B URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/local-storage-wrapper.js?version=1669710080
IP 44.228.143.47:0
Hash d62c5ca1baa18951e04f01c446c1ac1d
ea2b43b7b4fba74a53a16ece693dac223c98b74b
4b06bf9902324b73ac543c6a8227a59cda93bf74652e6f9291b03de44d512d0f
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/funnel/pvexl42step/final/local-storage-wrapper.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:54 GMT
content-type: application/javascript
content-length: 447
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "826-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/global/lazysizes.min.js?version=1669710081
44.228.143.47200 OK 3.5 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/global/lazysizes.min.js?version=1669710081
IP 44.228.143.47:0
File type ASCII text, with very long lines (6761)
Hash ca6266d69da1d8eb8e6875062b3a2b1f
6599d22230cc84fba297b588ba1184aaf1d299fa
9d2dcd6895f7d1ef4dbe6c772cb2357b9eab6192440a650b84b7c2b31fb0c9cc
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/global/lazysizes.min.js?version=1669710081 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:54 GMT
content-type: application/javascript
content-length: 3454
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:21 GMT
etag: "1a83-5ee97ac440205-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
44.228.143.47200 OK 44 kB URL HTTP/2 www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
IP 44.228.143.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1950)
Hash 9e09a5242dc1823ff25c74742084c986
210d7f37498630c41b46c2c479e7c8355ed7b7a0
152ddbb559bf899be1fa0bb143bbf3c102b5637c3bda57a03e5de1e1d560f0c0
GET /?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22} HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://offer.speedy5kloan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: text/html; charset=UTF-8
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
x-powered-by: PHP/7.4.33
set-cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr; expires=Wed, 30-Nov-2022 07:59:53 GMT; Max-Age=28800; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_steps_110.js?version=1669710080
44.228.143.47200 OK 5.9 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_steps_110.js?version=1669710080
IP 44.228.143.47:0
File type ASCII text, with very long lines (13686)
Hash 9122fadc073d660ce3ee7c3afbb02d2b
5df9c5da5c7f71e43961fcd601aa0d6969212005
54a75ab40ca4289011a1355bbd2078e80be34c7d6c1933a24e528d82a5957d7c
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_steps_110.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:54 GMT
content-type: application/javascript
content-length: 5931
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "3620-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 78118c158200e73ba73414b36129796a
37d3a6af0cbf2e1aef6a52f34456d4fa493fd843
d42b989fef1b99f8dde83dcdced332223ecfd470d4f3e0a89683a4415eacbcd5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 23:59:54 GMT
Etag: "6385f1bb-1d7"
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0QTfrCgNwwOe5bWU-ue9w2o87RUf6VMyQ-jlYR3YXkYLkv6Xka4ZMg==
img.emlasts.com/epcvip/ac-icons/spinner.gif
143.204.55.73200 OK 73 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/spinner.gif
IP 143.204.55.73:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash f05d5e1f77b32a187040b0c3b3b06481
6b0728cb2b735aca08043b2e80e42e4c8e490a6c
7bf6600fc5e0e9ba6e0816783e3346ca53d016c65feac96d24da10ea307e1b08
GET /epcvip/ac-icons/spinner.gif HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 73338
last-modified: Thu, 11 Mar 2021 23:55:10 GMT
x-amz-version-id: MXyLnF3YP.QdPE6INbkqV5vz_1brMawS
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 02:52:59 GMT
etag: "f05d5e1f77b32a187040b0c3b3b06481"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C3IN9XqAN4ktrXv04Dt5m2RJKDPJuobAmUOkPmBq3nnJOgPxFw71rw==
age: 76015
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/asterisks.png
143.204.55.73200 OK 587 B URL HTTP/2 img.emlasts.com/epcvip/ac-icons/asterisks.png
IP 143.204.55.73:0
File type PNG image data, 184 x 42, 8-bit colormap, non-interlaced\012- data
Hash 4b7874d634e9faa2470b05f42b731aa0
dcfb3eab7ccc349b47196d1354387ad204c62e2c
22e29b0f2fa3e4c59fbed79e72c2b339a4ea76f9d6ddd5eba59c0e668bf0b1b8
GET /epcvip/ac-icons/asterisks.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 587
last-modified: Tue, 06 Apr 2021 21:06:50 GMT
x-amz-version-id: 3gNNo2cxRohJ_8ZRm9kVCxwIRHxSx4ek
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 01:03:55 GMT
etag: "4b7874d634e9faa2470b05f42b731aa0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5iczeEyJNCegDaELtxoQulq5ANm-FzbZk8vWRoaQIYyT42ho2NA-Ww==
age: 82560
cache-control: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_360.js?version=1669710080
44.228.143.47200 OK 47 kB URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_360.js?version=1669710080
IP 44.228.143.47:0
Hash ef441a963c03a59bf786eeb6be49fafe
404f0cba173412a70226728693ed5a8b80bc2915
4a5f3cbc8f4598176bb9b2463f9a6629c92bfeb075441357a83d87468c76fa94
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_360.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "15d9c-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7776, version 1.0\012- data
Hash 84780596e268aa0cb2be48af2ed5c375
d67ccd32f8c790a746d64d06145882a2f7b06560
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
GET /s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.speedy5kloan.com
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 17:05:49 GMT
expires: Thu, 23 Nov 2023 17:05:49 GMT
cache-control: public, max-age=31536000
age: 543245
last-modified: Thu, 05 Nov 2020 22:01:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
GET /s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.speedy5kloan.com
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 04:28:42 GMT
expires: Sun, 26 Nov 2023 04:28:42 GMT
cache-control: public, max-age=31536000
age: 329472
last-modified: Thu, 05 Nov 2020 22:01:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7832, version 1.0\012- data
Hash f4f17fd53c7d040e56f91a3ecb692b22
1b51342175762634835645ba2f99cd3ab0ac615c
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
GET /s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.speedy5kloan.com
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:48:16 GMT
expires: Wed, 29 Nov 2023 15:48:16 GMT
cache-control: public, max-age=31536000
age: 29498
last-modified: Thu, 05 Nov 2020 22:01:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7844, version 1.0\012- data
Hash 93c0db9332c3f46d1842b36bcf89dac0
7d5057e994e405022a1bfa3c6c668028ac222532
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
GET /s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFd2JQEk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.speedy5kloan.com
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:39:03 GMT
expires: Wed, 29 Nov 2023 19:39:03 GMT
cache-control: public, max-age=31536000
age: 15651
last-modified: Thu, 05 Nov 2020 22:01:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.emlasts.com/epcvip/ac-icons/point_online.png
143.204.55.73200 OK 1.7 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/point_online.png
IP 143.204.55.73:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash b7106637d27b8935b243868d559964d9
a7af18522be80b76e2ff69b6b3e67e9afa143bae
eee7b579b6209a4d45aaf94fefb1c04908ad8021250e3b73e84be24475afafb2
GET /epcvip/ac-icons/point_online.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1716
last-modified: Tue, 23 Mar 2021 22:56:35 GMT
x-amz-version-id: cNjZgvknIhiZHhv31pjFkikTELtLDYxY
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 03:43:12 GMT
etag: "b7106637d27b8935b243868d559964d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tTNwKs-ImAsPURUhFAF-Cwn1wRe12ebkMKnMCJ2-zU4I9pezOaBcWg==
age: 73003
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/point_cards.png
143.204.55.73200 OK 2.9 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/point_cards.png
IP 143.204.55.73:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash eeeda29d39302be45f4c1f4617975b11
09753ab28d2c6d7e8f5db1c1d7ad03a674b61e97
50e8f37b4bb0ecd3bae73788be069b5b9578da527040124676cd3d257ac2d247
GET /epcvip/ac-icons/point_cards.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2871
last-modified: Tue, 23 Mar 2021 22:56:35 GMT
x-amz-version-id: 4FoewmqY5fkC9PQVQvhlQzDPeayvKJ7k
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 03:43:14 GMT
etag: "eeeda29d39302be45f4c1f4617975b11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uLF_C3Gx1UX2ciXXPary8W7CqnT1_6WkgPjheuhyc0t5XAJUCIfrjg==
age: 73001
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/point_bank.png
143.204.55.73200 OK 2.0 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/point_bank.png
IP 143.204.55.73:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash aa079a92b89893842226149cf779d8b0
145f7b66882deb3d08b77416cdf30f2a87c6828a
21dff3be1d7fc41ebada2386ffcf13261bf0adae089902012b3d1c0df1492432
GET /epcvip/ac-icons/point_bank.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1963
last-modified: Tue, 23 Mar 2021 22:56:35 GMT
x-amz-version-id: qHFNgw0Eq5FCoyIyUa88cwP9.EslyGYg
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 04:37:44 GMT
etag: "aa079a92b89893842226149cf779d8b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRHa9kPW6CMB76rzffsnRfc1PpE_W2kv78PCIn950FqZSsR5ud049Q==
age: 69731
cache-control: max-age=31536000
X-Firefox-Spdy: h2
img.emlasts.com/epcvip/ac-icons/point_require.png
143.204.55.73200 OK 2.5 kB URL HTTP/2 img.emlasts.com/epcvip/ac-icons/point_require.png
IP 143.204.55.73:0
File type PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 5131654e37c3fe6c3ddbed25e397e136
cab55bc50213b84b088e65fe44ee9c9f1a41ea2e
421a6e46be6f1fea476a59431f97eff87b1b888cdcde020d6e75ff767649f34d
GET /epcvip/ac-icons/point_require.png HTTP/1.1
Host: img.emlasts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2495
last-modified: Tue, 23 Mar 2021 22:56:36 GMT
x-amz-version-id: lHlHEphfWqC3XH.CuG3_CDT5vzRlR2q8
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 08:08:28 GMT
etag: "5131654e37c3fe6c3ddbed25e397e136"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5HrcPhIcCMplqNmlVWkK4iMU1po4VWURHCehcQDmzDmTmQHg_xnmjg==
age: 57087
cache-control: max-age=31536000
X-Firefox-Spdy: h2
www.speedy5kloan.com/assets/img/logo.png
44.228.143.47200 OK 22 kB URL HTTP/2 www.speedy5kloan.com/assets/img/logo.png
IP 44.228.143.47:0
File type PNG image data, 825 x 238, 8-bit/color RGBA, non-interlaced\012- data
Hash 4ee24727f9a964f4d6d8b663cdd14cc6
8a079d9e786c7cf9c51e05c8fb8e5b2adc346c12
e11c3616020b1c19f85ab001c4efbe0bb95c4043123a05b2b8bcf189ead00959
GET /assets/img/logo.png HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:54 GMT
content-type: image/png
content-length: 22540
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:52:58 GMT
etag: "580c-5ee981d5ac394"
accept-ranges: bytes
vary: User-Agent
X-Firefox-Spdy: h2
www.speedy5kloan.com/apple-touch-icon.png?version=1669711978
44.228.143.47200 OK 4.3 kB URL HTTP/2 www.speedy5kloan.com/apple-touch-icon.png?version=1669711978
IP 44.228.143.47:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash b909a7ef2bc80695b9d009c4b810f124
396ce8a4fd976f8e6207dc47174f2555b213bb19
b052fa185e30520d0df1f8d7e7dc4ebdf6d2046566d67afdac6b296f088431d9
GET /apple-touch-icon.png?version=1669711978 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:55 GMT
content-type: image/png
content-length: 4308
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:52:58 GMT
etag: "10d4-5ee981d5a36f3"
accept-ranges: bytes
vary: User-Agent
X-Firefox-Spdy: h2
www.speedy5kloan.com/favicon-16x16.png?version=1669711978
44.228.143.47200 OK 959 B URL HTTP/2 www.speedy5kloan.com/favicon-16x16.png?version=1669711978
IP 44.228.143.47:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d763d601240bf891240b96004806f23a
8a3b1c9be9c605f12a44ef08d0674a4330a8e93e
3b07527f849bb58c6e60b8c8c9c0122e870221df0431415000616b72e174b217
GET /favicon-16x16.png?version=1669711978 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:55 GMT
content-type: image/png
content-length: 959
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:52:58 GMT
etag: "3bf-5ee981d5ac394"
accept-ranges: bytes
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aad6f4f488fa6f31a62993ecb8a67e6b
d573c1b5d7deda963499f2d63ba027a96d9c9c41
ce5da027aec9682fb7d812965b13eb897eb6f41e14bb36f2637d3b7ae64ba375
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1461
Cache-Control: max-age=100168
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 23:59:55 GMT
Etag: "63857b8e-117"
Expires: Thu, 01 Dec 2022 03:49:23 GMT
Last-Modified: Tue, 29 Nov 2022 03:25:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 55 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 55
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:59:56 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IZZzWYwXt7_SfQCFS7VMvzvCpWiS23FhpQ1cygxBFnRmoOLpyLpqPA==
Age: 5284
ekr.zdassets.com/compose/045675ec-ff49-47ff-8850-a8e0143537be
104.18.70.113200 OK 306 kB URL HTTP/2 ekr.zdassets.com/compose/045675ec-ff49-47ff-8850-a8e0143537be
IP 104.18.70.113:0
File type JSON data\012- , ASCII text, with very long lines (471), with no line terminators
Size 306 kB (306218 bytes)
Hash 72e944cf46a096c5d14aae1fa0be141d
f6474e1eca50c427e8a1c61d67930604bcc225f2
e98b1cde91bc0b8e330d802417ae7956200403c8f3e03d10bce9ab62cbdbbbd3
GET /compose/045675ec-ff49-47ff-8850-a8e0143537be HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.speedy5kloan.com
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:55 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
etag: W/"45f1a3b1117060f8daaf4c37c9263dbe"
x-request-id: 771f4cbdfda2b50f-ARN, 771f4cbdfda2b50f-ARN
x-runtime: 0.002329
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPp%2BlhhIA5Urw%2B1F6DQrYEoY2NcnYpum9v2nJBpvNJcSHgLn4RWmXQDMKSy8IoA6VBg25jI5a5rYyW1SMi%2BGX7VvvfMr%2BkNuGWrnbr%2Bqkc4s2itatbgAoGb4XR2aUR%2FVrdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 771f4cbdfda2b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-0f381a3.js
104.18.70.113200 OK 20 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-0f381a3.js
IP 104.18.70.113:0
File type ASCII text, with no line terminators
Hash 7ecbeb9fbae3abfe6ebd258f7d0b9ad3
c51d653cfe5d82402b6d029ad66022cc42cbe190
5dc737f70ad8bc7f9aa0e601985b1c5fba3120f71f3bb29387c12b1df54b5059
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-0f381a3.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ZkG8fyEf031YtEBQIlm+Z3jhcP+Vuv/5sORSmJLNCqKkj5Y+jBiRYgfuM2wWiL1f6oWcWWT+p7k=
x-amz-request-id: RRTR1EY5T2NZJSWQ
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Nov 2022 06:52:48 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 23 Nov 2023 06:52:47 GMT
x-amz-version-id: gjh5e8d0gR1vkm8o3tkIbd_vvALuFJ5H
cf-cache-status: HIT
age: 496434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baz7sMZqnbV%2F%2BFCH1maosGeM1%2BiqIhxJbB%2FRWr8vB7J79J%2F0fnomC4KC9CODOVxJS1C4DvLmN3Vag8%2FJVwJivQKM7ktFCF5ou%2BsfVGe7%2BlUrTspI%2FyG6ni5RV%2FkDO9u6NNqKlis%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 771f4ccb7d750b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/template/funnel/pvexl42step/L4/DynamicRLA-wCS/scripts.js?version=1669710081
44.228.143.47200 OK 0 B URL HTTP/2 www.speedy5kloan.com/common/template/funnel/pvexl42step/L4/DynamicRLA-wCS/scripts.js?version=1669710081
IP 44.228.143.47:0
Analyzer Verdict Alert fortinet Phishing
GET /common/template/funnel/pvexl42step/L4/DynamicRLA-wCS/scripts.js?version=1669710081 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:54 GMT
content-type: application/javascript
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:21 GMT
etag: "10c34-5ee97ac471eea-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=045675ec-ff49-47ff-8850-a8e0143537be
104.18.70.113200 OK 0 B URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=045675ec-ff49-47ff-8850-a8e0143537be
IP 104.18.70.113:0
GET /ekr/snippet.js?key=045675ec-ff49-47ff-8850-a8e0143537be HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csd2WsqC1wCl2dNfGQvIswyB2JxMjA0olohE0aKAOLpl7WxgQ%2FUmUhEgiKDHE9aE7kl1%2FoeGTqlYf9zlAmVfgdEytX7XFpogkxMUPVnrzs4yEePP%2FzSmpyP2WfOy%2Fi1ROk0DCTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 771f4cb95dd90b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-0f381a3.js
104.18.70.113200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-0f381a3.js
IP 104.18.70.113:0
GET /web_widget/latest/classic/web-widget-5324-0f381a3.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:55 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ggKiBht96TKm1np6EWaju14m6EIZbgNIuYlcr9cMGRVNKU+O7I2mo0lv/9zeyguWcNFQ9Z/YeWw=
x-amz-request-id: K34ZHE8GKPY13FCH
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Nov 2022 06:52:48 GMT
etag: W/"dc53ba31534e97fb2671678ae77d8d6f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 23 Nov 2023 06:52:47 GMT
x-amz-version-id: izxLlm.UBHLmubn8PjkXUCj9KFHKpKTg
cf-cache-status: HIT
age: 496435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riZWBHUCDDpQAiRAu6E7tMB37I5lBE2McluY3LDbU7JCRnDAJQMPnYAuGAs1iFuB1QWF34r%2F9dsyMcg4BlbViNJUaXxWa8CG1zgaYc302syMumQDC7vdmKjTdhybFHSxxrCdr1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 771f4cc5ab120b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_ui_112.js?version=1669710080
44.228.143.47200 OK 0 B URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/js/jquery_ui_112.js?version=1669710080
IP 44.228.143.47:0
GET /common/assets/js/funnel/pvexl42step/final/lib/js/jquery_ui_112.js?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: application/javascript
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "3ddf1-5ee97ac3f6e1d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/css/bootstrap_337.css?version=1669710080
44.228.143.47200 OK 0 B URL HTTP/2 www.speedy5kloan.com/common/assets/js/funnel/pvexl42step/final/lib/css/bootstrap_337.css?version=1669710080
IP 44.228.143.47:0
Analyzer Verdict Alert fortinet Phishing
GET /common/assets/js/funnel/pvexl42step/final/lib/css/bootstrap_337.css?version=1669710080 HTTP/1.1
Host: www.speedy5kloan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.speedy5kloan.com/?rtrcid=503475~e4481a22~1610211&rtrtid=11:FD1TCS59&rtrsid=1&xi_rtrtsrc=1&x_offerid=337&x_clickid=10240d519785945e2ebc26262bfb75&email=russell.simmons@memphistn.gov&fname=%7Bfname%7D&lname=%7Blname%7D&xi_tier=1&xi_ac=3708&x_psac=3708&xi_cfg={%22srtr%22:1,%22ertr%22:1,%22psrtr%22:1,%22bcktr%22:1,%22pv%22:[11,13]}&xi_tft={%22rtrcid%22:%22503475~e4481a22~1610211%22,%22xi_tier%22:%221%22}&odata={%22aid%22:%22503475%22,%22acid%22:%2226%22,%22subid%22:%2211:FD1TCS59%22,%22x_offerid%22:%22337%22,%22x_clickid%22:%2210240d519785945e2ebc26262bfb75%22,%22email%22:%22russell.simmons@memphistn.gov%22,%22fname%22:%22{fname}%22,%22lname%22:%22{lname}%22,%22xi_resid%22:%22{resid}%22,%22xi_oclkid%22:%22{kid}%22,%22x_psac%22:%223708%22}
Cookie: SCSSESSIONID=8bgm7fhn8k4qg6dgnudjivesfr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 23:59:53 GMT
content-type: text/css
server: Apache/2.4.54 () mod_fcgid/2.3.9 PHP/7.4.33
last-modified: Tue, 29 Nov 2022 08:21:20 GMT
etag: "1d942-5ee97ac3f1ffc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2