r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Tue, 15 Nov 2022 04:44:52 GMT
Date: Tue, 15 Nov 2022 03:12:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5362
Cache-Control: max-age=118080
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:12:39 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 12:00:39 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14801
Expires: Tue, 15 Nov 2022 07:19:20 GMT
Date: Tue, 15 Nov 2022 03:12:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 02:44:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1699
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g0P8X6y5AxEESD6N9cJs1kJGl10/ERShWvXJCQTmCVetJ47XMzDwmIhhe5nSE3cKHETkZbv2xdo=
x-amz-request-id: HB341133ZKHFR06T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 02:14:05 GMT
age: 3514
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
echo4.bluehornet.com/ct/101642012:TbyxP3VN9:m:1:3536553594:9815645E8E6CE58FE3F4F7D464A3B260:r
54.149.14.76302 Found 177 B URL HTTP/1.1 echo4.bluehornet.com/ct/101642012:TbyxP3VN9:m:1:3536553594:9815645E8E6CE58FE3F4F7D464A3B260:r
IP 54.149.14.76:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cbd6ad545660e36f61d2c2b6015b4bb9
4ac421d5e42c636d71819ae90ec0b63dcd72d40a
0e858c8bce5e2e2ea39ee82a9751ff77fc16b4734e298f28bcaa675e66c7817a
GET /ct/101642012:TbyxP3VN9:m:1:3536553594:9815645E8E6CE58FE3F4F7D464A3B260:r HTTP/1.1
Host: echo4.bluehornet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 15 Nov 2022 03:12:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Set-Cookie: AWSALB=p7N+6KJB5KJSdtExnMaDFTMJL9XX2q4PTfh52GEItktEmgyvlK3xfqGTvwtNE6vJ68SfCsifmUZoAWnq7DhVs/Ih6gX46XmlIWixIquU0q4gES13JKvqxxrhlGf2; Expires=Tue, 22 Nov 2022 03:12:39 GMT; Path=/
AWSALBCORS=p7N+6KJB5KJSdtExnMaDFTMJL9XX2q4PTfh52GEItktEmgyvlK3xfqGTvwtNE6vJ68SfCsifmUZoAWnq7DhVs/Ih6gX46XmlIWixIquU0q4gES13JKvqxxrhlGf2; Expires=Tue, 22 Nov 2022 03:12:39 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Pragma: no-cache
Location: https://tr4ckme.com/?a=44&c=63&p=r&s1=BH
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 03:12:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 02:44:48 GMT
cache-control: public,max-age=3600
age: 1672
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2913
Cache-Control: max-age=110574
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:12:40 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 09:55:34 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 044f5dffdd8fa85cc44df77c268eb283
9b6bfcad975785791f6ef044e85bb2bd5aee79c9
2ec8a7bca2967699754efb0f869267db942dbed5ec0aed25978546f1aee6bcda
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 03:12:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 19 Nov 2022 03:12:39 GMT
ETag: "9b6bfcad975785791f6ef044e85bb2bd5aee79c9"
Last-Modified: Tue, 15 Nov 2022 03:12:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a4ce7b1b3b1c0a-OSL
push.services.mozilla.com/
54.148.190.4101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ziW33bxFWdLoIOPebvdVAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +68UkqsHjR9Zk8FRDEzjoRarVKE=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11199
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 03:12:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11199
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 03:12:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11199
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 03:12:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11199
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 03:12:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 962f43862a852bfa6766b9a2d8bfb99d
a5283e68020826f085fb4f06e3dcd36cef9eb067
7eee8aa0f5c6bce04a86fa16fb5d3e632d54792d79c550b044a40a6f070b89d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15206
x-amzn-requestid: a04dc971-de49-4dc4-8bc2-2d3244d33ace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhpEJkoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-632efaa725c2b959692e9e77;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ucLWmapHlWoKDoeb_ff2qbZOKGJLLQuq6RoP9mpFWOCVAJ70t13yw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:53 GMT
age: 19607
etag: "a5283e68020826f085fb4f06e3dcd36cef9eb067"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f047d91-bab3-43d1-86ce-a778be041877.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f047d91-bab3-43d1-86ce-a778be041877.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44c3cfa4f4a4580bdca406de6f5a6714
6c8c93c6e73aa3a8473b6b5f0bae92f09f46b0dd
660faaadae34008977bb7efcc0ed42c6c2b542dbbefe9608942b8f6e1f357cca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f047d91-bab3-43d1-86ce-a778be041877.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9616
x-amzn-requestid: e041b4a7-ccd8-4517-b58a-cb8d111916f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heFPxoAMF0uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-286cf1ce28c1b9851b40fd7f;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Db4Ssf23epKK93EKnA3iqEYggGom2pTkDiTTEMRcF7WLbE9hPawTjw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 08:30:23 GMT
age: 67337
etag: "6c8c93c6e73aa3a8473b6b5f0bae92f09f46b0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:52:43 GMT
age: 19197
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c6daffa-b6ce-4709-8faf-5c9d010efd87.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c6daffa-b6ce-4709-8faf-5c9d010efd87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32c2a360d4897787f15b26d4a4cbfb00
18e1aa8e48e835336709e6f29dfc1b050867ed70
c6865753db8e92a8ed28b22dd6ada4d17a18035a850cbee1272fb8019c9ad8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c6daffa-b6ce-4709-8faf-5c9d010efd87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: cf1ae48b-2202-4f8f-aace-1502854159ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQZ8EtVIAMF6sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610c-731fe2271954c26130f700f2;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PAEqTK7ePU0kPfZmKq0y04XyWXW7oAkIkdiIoV2YCSwuCJoIfeGw1w==
via: 1.1 94f8839a97f73584e70cc07d9f704d62.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:17:31 GMT
age: 82509
etag: "18e1aa8e48e835336709e6f29dfc1b050867ed70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08bd66bbd19e46a42ef8acb8bce6388d
b4b7e3421eb3f1c434c65cb468ec46ba1ff54afa
b7dc233e1415accc4e2eab0784255f250bb188e381721f76d4ced3eaf86d0184
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6118
x-amzn-requestid: af3049d8-11b3-42d4-816f-bcdf7af4bb24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEi5GwVoAMFYQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b478-37caf4ec59319ee72aa531af;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UV3QdB_Va1exUDMMzwJGDyOKDrlMadPQLnOk1rtCjhTp1USncQFRCw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:50:45 GMT
age: 19315
etag: "b4b7e3421eb3f1c434c65cb468ec46ba1ff54afa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4GdlXHpFADt-b7aq-JhGnU4derYUx0ta39dEXO3ywma3_J0L3D1fug==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:13:15 GMT
age: 82765
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tr4ckme.com/?a=44&c=63&p=r&s1=BH
52.88.195.185302 Found 162 B URL HTTP/1.1 tr4ckme.com/?a=44&c=63&p=r&s1=BH
IP 52.88.195.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f629b08b9dad4ad9416ea7dfc8030dc3
03622c3328161b56c9cd5f00094fd923a7663e21
1165a175ac4f889decd17bbff9865f37f1cff8de4519b924884d49c8363f73fa
GET /?a=44&c=63&p=r&s1=BH HTTP/1.1
Host: tr4ckme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 162
Content-Type: text/html; charset=utf-8
Date: Tue, 15 Nov 2022 03:12:40 GMT
Location: https://allsolarincentives.com/?reqid=2804482
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=i/8sQLccm/hTHe0t9eBeaZG3hps1ntGtiv0jBQyCkauiJbHpv+HPGw==; domain=.tr4ckme.com; path=/; HttpOnly
trk=Pbsu9Y5X3BlTHe0t9eBeaZG3hps1ntGtiv0jBQyCkauiJbHpv+HPGw==; domain=.tr4ckme.com; expires=Fri, 15-Nov-2024 03:12:40 GMT; path=/; HttpOnly
c61=i/8sQLccm/jTINcHsoRE24Vkl6e/3ltPQfFVBVnqOIE=; domain=.tr4ckme.com; expires=Thu, 15-Dec-2022 03:12:40 GMT; path=/; HttpOnly
Connection: close
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bf76cd6bfdaf57a3271dc91f69c190f4
fa61906ed668563f985d2e48d95489f537127099
099aca0910f13bbcd97c44e7a3faafa7de21d3ffec3d68b8e81093f5776aeb91
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 03:12:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 02:32:15 GMT
Expires: Sun, 20 Nov 2022 02:32:14 GMT
Etag: "fa61906ed668563f985d2e48d95489f537127099"
Cache-Control: max-age=428972,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a4ce820cfeb51e-OSL
allsolarincentives.com/?reqid=2804482
66.29.146.34200 OK 4.9 kB URL HTTP/2 allsolarincentives.com/?reqid=2804482
IP 66.29.146.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (378)
Hash 41222b81fa01b496a93fb025d4f396a5
a10163a8f2ec786551de3a1961223bd2ac6ceeac
682cb94a63f188e1249aca96496ce084cce06be7fd040219f6042b8b69a03e00
GET /?reqid=2804482 HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 4860
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:12:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto
142.250.74.10200 OK 983 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.10:0
Hash 3ad505eae6672c882f2467cebbd7a408
610f8f399cbbd608d441fadce3e926befa056979
4eb521ff3644c30173bcc8adecf9022fe441c13471fdcfe529e465728d0f4ff4
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 03:12:41 GMT
date: Tue, 15 Nov 2022 03:12:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
allsolarincentives.com/assets/css/style-top.css
66.29.146.34200 OK 265 B URL HTTP/2 allsolarincentives.com/assets/css/style-top.css
IP 66.29.146.34:0
Hash 555f3966c8e153a3420ec24c31723735
7f9236f0025cf15258dd1de9f84369ba33dcd710
fc276e693ceb537573d9769ddb2fdadf922b215dce48013aafaca988691d5a39
GET /assets/css/style-top.css HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: text/css
last-modified: Thu, 10 Jun 2021 22:17:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 265
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/form/bootstrap.min.css
66.29.146.34200 OK 21 kB URL HTTP/2 allsolarincentives.com/assets/form/bootstrap.min.css
IP 66.29.146.34:0
File type ASCII text, with very long lines (65324)
Hash 5934a8d43b72e42a3b7cee2576433c8d
00f3e15c7dd2506f7b8094f4a6fc10c42adeeea0
be4fe5fb8981c681b615d7328f949d20b22ff4344d473ad8f96e0883f868deca
GET /assets/form/bootstrap.min.css HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: text/css
last-modified: Thu, 10 Jun 2021 22:17:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20694
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/form/bootstrap-modal-ios.css
66.29.146.34200 OK 277 B URL HTTP/2 allsolarincentives.com/assets/form/bootstrap-modal-ios.css
IP 66.29.146.34:0
Hash 9591038e0025898cc7816767860fdbc1
15fa886da46d62af3a4411d065f0291110ec6e19
20b890c3b0e6047589d61196dcf6fee1593aaf2f20b34d3c4070847af01fb002
GET /assets/form/bootstrap-modal-ios.css HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: text/css
last-modified: Thu, 10 Jun 2021 22:17:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 277
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/form/new.css
66.29.146.34200 OK 2.7 kB URL HTTP/2 allsolarincentives.com/assets/form/new.css
IP 66.29.146.34:0
Hash 5f4984fda4dbc7199e4c6427709237aa
e9f1b6a3d0b9baa1e8d64f9e068dc93af5a516b5
c009d1a3cd4a5d927aa6a623dfc535bd33eeb4d4cdffbef2c2ab036cab1bdb52
GET /assets/form/new.css HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: text/css
last-modified: Mon, 14 Jun 2021 21:25:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2675
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/css/style-bottom.css
66.29.146.34200 OK 3.4 kB URL HTTP/2 allsolarincentives.com/assets/css/style-bottom.css
IP 66.29.146.34:0
Hash 2522713bb68abcece7f00f5187206b13
0f014d43144cb36f64feb528d2498d8cd007fde7
dc34e65e141f6c34514a09fe767529f5d507ee770436dda7599063f369fbded8
GET /assets/css/style-bottom.css HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: text/css
last-modified: Wed, 14 Jul 2021 22:32:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3426
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/cropped-logo.png
66.29.146.34200 OK 6.7 kB URL HTTP/2 allsolarincentives.com/assets/images/cropped-logo.png
IP 66.29.146.34:0
File type PNG image data, 240 x 61, 8-bit/color RGBA, non-interlaced\012- data
Hash ecf5cd152a75ef25812bd215e6b8a015
b49043b0b2570ce79d0cde6787cb57316426dec9
dd1cbb5bbf1158e9f5d0212e0d1dfbde3c8c3e64c2499415992154df0de55fad
GET /assets/images/cropped-logo.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:12 GMT
accept-ranges: bytes
content-length: 6727
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/roof-1.png
66.29.146.34200 OK 17 kB URL HTTP/2 allsolarincentives.com/assets/images/roof-1.png
IP 66.29.146.34:0
File type PNG image data, 161 x 161, 8-bit/color RGB, non-interlaced\012- data
Hash 31da4638b549918f0628edceaea5e621
d585b21098f25ca441cb38763cbccc9ad2dbb8e4
c0f3ad1e6d1b6cd736bed7e3818e6c74f8c9da0d8b04844a089d6e044503405c
GET /assets/images/roof-1.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:26 GMT
accept-ranges: bytes
content-length: 17258
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9cb459dbd26861c56bf637277b464094
8818bf4a985268875eaa7e8260c62663e9ac3559
aa2a0512e4a1686a690dbd219c977a79149478efaa17796dec84fb64281c87db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AA2A0512E4A1686A690DBD219C977A79149478EFAA17796DEC84FB64281C87DB"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19313
Expires: Tue, 15 Nov 2022 08:34:35 GMT
Date: Tue, 15 Nov 2022 03:12:42 GMT
Connection: keep-alive
allsolarincentives.com/assets/images/roof-2.png
66.29.146.34200 OK 21 kB URL HTTP/2 allsolarincentives.com/assets/images/roof-2.png
IP 66.29.146.34:0
File type PNG image data, 161 x 161, 8-bit/color RGB, non-interlaced\012- data
Hash b76be140ead06173b2e5bf4524dd6062
b6bb0a28bbaf91736de6385543ca716c19b75558
b327f19e8b130fb2a69481d2fbeb5d9fd70b04f1ee0590fae7f4252d44b1a44c
GET /assets/images/roof-2.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:30 GMT
accept-ranges: bytes
content-length: 21352
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/roof-3.png
66.29.146.34200 OK 23 kB URL HTTP/2 allsolarincentives.com/assets/images/roof-3.png
IP 66.29.146.34:0
File type PNG image data, 161 x 161, 8-bit/color RGB, non-interlaced\012- data
Hash 8d769804d9e22071a3eef6eab7be78be
5edb2bb99a3d48b395fedf033f07d046b3f2a444
e7b570a45c96b82165e4d47007cf5ca7037b8adaaca0220c1ba18e2cbe4fbd63
GET /assets/images/roof-3.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:30 GMT
accept-ranges: bytes
content-length: 22879
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/patner-2.jpg
66.29.146.34200 OK 8.4 kB URL HTTP/2 allsolarincentives.com/assets/images/patner-2.jpg
IP 66.29.146.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 216x56, components 3\012- data
Hash 5af08e760f249ec0d47ea4d968f92730
a6c87372ae9e8f05a3a44ad9e77d2106a1c620dc
5543541017a9411fda32aff2515bdc566908318fb4f04f5d861f47a780b5ec93
GET /assets/images/patner-2.jpg HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/jpeg
last-modified: Thu, 10 Jun 2021 22:18:22 GMT
accept-ranges: bytes
content-length: 8381
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/patner-3.jpg
66.29.146.34200 OK 11 kB URL HTTP/2 allsolarincentives.com/assets/images/patner-3.jpg
IP 66.29.146.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 216x56, components 3\012- data
Hash 1bd12ea43b64450f2c8c321217ea2c36
f1293ad4e0c43fd05ae0b6eac62f169bd0b2ddc0
3438c64ce188c5d4f2b5d33de91161b4b7d12a8780f69abdaa0d82941a0c31ce
GET /assets/images/patner-3.jpg HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/jpeg
last-modified: Thu, 10 Jun 2021 22:18:26 GMT
accept-ranges: bytes
content-length: 11340
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/patner-4.jpg
66.29.146.34200 OK 11 kB URL HTTP/2 allsolarincentives.com/assets/images/patner-4.jpg
IP 66.29.146.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 216x56, components 3\012- data
Hash 3a2a271f4e7bd94e0a6f0d67d5ed9209
c024d6506c2327f840aaddc5bb7fe3ab5772f5ca
6a0ed5e5d1c6686958d0c14ec53d2862aac4b213f8b2086cc335b4c077df2ab3
GET /assets/images/patner-4.jpg HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/jpeg
last-modified: Thu, 10 Jun 2021 22:18:26 GMT
accept-ranges: bytes
content-length: 11350
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/patner-5.jpg
66.29.146.34200 OK 8.1 kB URL HTTP/2 allsolarincentives.com/assets/images/patner-5.jpg
IP 66.29.146.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 216x56, components 3\012- data
Hash 61e90b9af1369912a03138ef82f9be26
c70b34cf42ac41a02a429a67a985658cded5756c
eb291a6c9a2662657fe6f90ed9e1da8908334c7a878839261397bcbdbb6452c8
GET /assets/images/patner-5.jpg HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/jpeg
last-modified: Thu, 10 Jun 2021 22:18:26 GMT
accept-ranges: bytes
content-length: 8073
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/patner-1.jpg
66.29.146.34200 OK 9.5 kB URL HTTP/2 allsolarincentives.com/assets/images/patner-1.jpg
IP 66.29.146.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 216x56, components 3\012- data
Hash 9eb88a6fc34c17d1585d6c363b1b21ff
7586ac76617f1325f632c6ce560c7b291224c7b8
b1226072d8321954731801a8d20fb22cc1eb73718724c66354a043bf9b22ef7e
GET /assets/images/patner-1.jpg HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/jpeg
last-modified: Thu, 10 Jun 2021 22:18:22 GMT
accept-ranges: bytes
content-length: 9502
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/ficon.png
66.29.146.34200 OK 3.6 kB URL HTTP/2 allsolarincentives.com/assets/images/ficon.png
IP 66.29.146.34:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c6f090ac18f8b1381be7d4a38575929
f1ad72f8060d2b6b46d8dd71c731df8fce33c074
57d784eeddb3e5baa0e8e1add4fce2abe87e74a12dedba11def8ae4b6a0add40
GET /assets/images/ficon.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:12 GMT
accept-ranges: bytes
content-length: 3586
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/sicon.png
66.29.146.34200 OK 2.2 kB URL HTTP/2 allsolarincentives.com/assets/images/sicon.png
IP 66.29.146.34:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash c88aa5bae8f109ac105899b7b7923eca
da8e04827bba4d4f3f2499dd555de409befa19bb
422ffd9f8d6441e2d990c594c803432b98e10a05caaca520164861915ac197e3
GET /assets/images/sicon.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:32 GMT
accept-ranges: bytes
content-length: 2201
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/js/bootstrap.min.js
66.29.146.34200 OK 14 kB URL HTTP/2 allsolarincentives.com/assets/js/bootstrap.min.js
IP 66.29.146.34:0
File type ASCII text, with very long lines (59895)
Hash 794d41c91c335425af557dd64d85b3d5
0412c5076a39eaf56200e560751e00d32e344f8e
3c5b97ff1a55efa7dd01be8ba08b98169903eab02f6ba1a7e3ff4ea86379cc78
Analyzer Verdict Alert fortinet Malware
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: application/javascript
last-modified: Thu, 10 Jun 2021 22:18:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14245
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9cb459dbd26861c56bf637277b464094
8818bf4a985268875eaa7e8260c62663e9ac3559
aa2a0512e4a1686a690dbd219c977a79149478efaa17796dec84fb64281c87db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AA2A0512E4A1686A690DBD219C977A79149478EFAA17796DEC84FB64281C87DB"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19313
Expires: Tue, 15 Nov 2022 08:34:35 GMT
Date: Tue, 15 Nov 2022 03:12:42 GMT
Connection: keep-alive
allsolarincentives.com/assets/js/jquery.validate.min.js
66.29.146.34200 OK 6.5 kB URL HTTP/2 allsolarincentives.com/assets/js/jquery.validate.min.js
IP 66.29.146.34:0
File type Unicode text, UTF-8 text, with very long lines (20952)
Hash b64e76f99d74d19f9fc755b4f19a0141
8f7d328986f13d9700fa2e676306e3952c31b36f
39bcf6ec0c7b9ff847fc220cb9bb10b2e7d326eb816916e83462dd80a586564e
Analyzer Verdict Alert fortinet Malware
GET /assets/js/jquery.validate.min.js HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: application/javascript
last-modified: Thu, 10 Jun 2021 22:18:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6547
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/js/additional-methods.min.js
66.29.146.34200 OK 5.2 kB URL HTTP/2 allsolarincentives.com/assets/js/additional-methods.min.js
IP 66.29.146.34:0
File type Unicode text, UTF-8 text, with very long lines (17654)
Hash fd1c3af9125934e4777da94567b82194
4704df75bb22aab0fc112c40b6db369ae563d888
f7f11307ed51bab10893095c162b47dd76dcaf39cbbd118220cfcf323b86dfff
Analyzer Verdict Alert fortinet Malware
GET /assets/js/additional-methods.min.js HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: application/javascript
last-modified: Thu, 10 Jun 2021 22:18:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5158
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/js/form.js
66.29.146.34200 OK 648 B URL HTTP/2 allsolarincentives.com/assets/js/form.js
IP 66.29.146.34:0
File type ASCII text, with CRLF line terminators
Hash 137f964f984e0dc2d24065d428f3eaa8
7f5d68e5cc377d9867be6322095378a1f05faaf4
8921255daab7f2e8e519441b40b6b368c31a0291f792c73621cb34db9b0fa1ae
Analyzer Verdict Alert fortinet Malware
GET /assets/js/form.js HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: application/javascript
last-modified: Tue, 25 Oct 2022 12:20:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 648
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/js/jquery.min.js
66.29.146.34200 OK 24 kB URL HTTP/2 allsolarincentives.com/assets/js/jquery.min.js
IP 66.29.146.34:0
File type ASCII text, with very long lines (65245)
Hash 10e9fb124ae79240559c555c4f5ad003
78a665be9dc0584d9fffd4b3666ad763653d6320
06be215c7cec84ae63d4a745aa979c940ec92c83f958f09f8c69b2579d8bf237
Analyzer Verdict Alert fortinet Malware
GET /assets/js/jquery.min.js HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: application/javascript
last-modified: Thu, 10 Jun 2021 22:18:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24162
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/js/jquery.inputmask.bundle.js
66.29.146.34200 OK 25 kB URL HTTP/2 allsolarincentives.com/assets/js/jquery.inputmask.bundle.js
IP 66.29.146.34:0
File type ASCII text, with very long lines (400)
Hash 5c608c2ce3ddafffc0cc4e19b7041f15
92a74d091e4b29a8ea69bdc5860943730ccb2dc6
8d75a0e8d04d80b18c5801ac8d88bc151fb0b588a759f5f0acffe1ced271d44e
Analyzer Verdict Alert fortinet Malware
GET /assets/js/jquery.inputmask.bundle.js HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/?reqid=2804482
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:41 GMT
content-type: application/javascript
last-modified: Thu, 10 Jun 2021 22:18:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24791
date: Tue, 15 Nov 2022 03:12:41 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
allsolarincentives.com/assets/images/arrow_right.png
66.29.146.34200 OK 233 B URL HTTP/2 allsolarincentives.com/assets/images/arrow_right.png
IP 66.29.146.34:0
File type PNG image data, 17 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fb5ca6fbd2f9949fb5d68e5c8966ea9
7e4ec4275d47cea2801513e43826fc6c12325e05
bcbbec70db90a7e20c1142c535c5be0c3db1934a8efa45a6d1510093644c15f0
GET /assets/images/arrow_right.png HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/assets/css/style-bottom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:42 GMT
content-type: image/png
last-modified: Thu, 10 Jun 2021 22:18:04 GMT
accept-ranges: bytes
content-length: 233
date: Tue, 15 Nov 2022 03:12:42 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f23c4f49929a851c61fb254701f7759c
49316a5558324db5961b0e74c789872c6a553f10
14a538833b713aca18a453b1cd9f0b9128980332b030bcef2694bacd12f65f98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=147263
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:12:42 GMT
Etag: "63729fe9-117"
Expires: Wed, 16 Nov 2022 20:07:05 GMT
Last-Modified: Mon, 14 Nov 2022 20:07:05 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f23c4f49929a851c61fb254701f7759c
49316a5558324db5961b0e74c789872c6a553f10
14a538833b713aca18a453b1cd9f0b9128980332b030bcef2694bacd12f65f98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4715
Cache-Control: max-age=151977
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:12:42 GMT
Etag: "63729fe9-117"
Expires: Wed, 16 Nov 2022 21:25:39 GMT
Last-Modified: Mon, 14 Nov 2022 20:07:05 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279
allsolarincentives.com/assets/images/banner.v2.jpg
66.29.146.34200 OK 210 kB URL HTTP/2 allsolarincentives.com/assets/images/banner.v2.jpg
IP 66.29.146.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size 210 kB (210342 bytes)
Hash 4b11f1626dddcb4a6b47eacf3b2a5766
2b24b3d70069492411a7aaa24f7a0c679deb8f2e
2e08e8101b4758a905961741a383b0a54cd8feaa9abe08291c5bda54e99f1865
GET /assets/images/banner.v2.jpg HTTP/1.1
Host: allsolarincentives.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/assets/css/style-bottom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 03:12:42 GMT
content-type: image/jpeg
last-modified: Thu, 10 Jun 2021 22:18:08 GMT
accept-ranges: bytes
content-length: 210342
date: Tue, 15 Nov 2022 03:12:42 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
trk-keingent.com/scripts/push/script/l3e4o5mdvy?url=allsolarincentives.com&alturl=/
172.64.194.23200 OK 3.4 kB URL HTTP/2 trk-keingent.com/scripts/push/script/l3e4o5mdvy?url=allsolarincentives.com&alturl=/
IP 172.64.194.23:0
File type ASCII text, with very long lines (6940)
Hash d31135455c06fb280b4565a2cb120274
2e371ae87d9d24d84da22e77083aa79e5268841a
6f90718d3ff99ba19dd427ab6f8b0be5318353e899267a61fb435d1d15bf312c
GET /scripts/push/script/l3e4o5mdvy?url=allsolarincentives.com&alturl=/ HTTP/1.1
Host: trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:42 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWLqkldGisRsbH5DEIHP2q9JQZNES8%2BmTLKpGMuHfOYoZaZNjLHpj2vOxEjFLKHpfPkWM0mWsh38yDpwzyEnlKRbk%2FHkdEnlklq619vh3S7Vfk0cbBPTJYTzfXdMheSd0CSA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a4ce888e8c770d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash a0b544ec357b1e602b3d99d648055cd0
fd3eda212f7084b999d68774c57fa78d40295a83
0c81115970e983f26a047024ee9f90c827eaabb116e4b2359c8ce987faebbde0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154422
Date: Tue, 15 Nov 2022 03:12:43 GMT
Etag: "6372b947-1d7"
Expires: Wed, 16 Nov 2022 22:06:25 GMT
Last-Modified: Mon, 14 Nov 2022 21:55:19 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4erpJKuBwWobOFrR1ZPX54RoevB128JR5O5ZWZW2Yh2HEvsRiSsXhQ==
Age: 666
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879
52.71.143.120301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879
IP 52.71.143.120:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 15 Nov 2022 03:12:43 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 763edc6d8f62602fc3867139d393815f
e0c706f928bd8642b7f46d67649bcb54af82a421
495d1e331201aa9951d6d4e99cd41242567046bf01501f840b5bd034b2d6e02c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88205
Date: Tue, 15 Nov 2022 03:12:43 GMT
Etag: "6371b938-1d7"
Expires: Wed, 16 Nov 2022 03:42:48 GMT
Last-Modified: Mon, 14 Nov 2022 03:42:48 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vtCZ2NQp_EfHccisYis8MNk-V0mBToliJdlv1kLdGLJhtbroM3yXcA==
event.trk-keingent.com/register/event_log/l4ev5rz2g1
172.64.195.23200 OK 0 B URL HTTP/2 event.trk-keingent.com/register/event_log/l4ev5rz2g1
IP 172.64.195.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/l4ev5rz2g1 HTTP/1.1
Host: event.trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://allsolarincentives.com/
Origin: https://allsolarincentives.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:43 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://allsolarincentives.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9FK6H20CgAx2PJn1vOTAp6RvDeKVebsSZ%2FQTv%2F5YSwmb5AsODNVx3JD%2F5IdbtH6VZkLYORRgZ02skmUu07URqSFXcxBk0WZro%2BwINdOfv4VS36vzF1RA75NDgUY0LDZ3JJxtIubqqi4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a4ce8e8ae2888b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash fe1189728d7813e9af88c6d47db306f6
586d5b37118d89faa0345e3418de0c0c13431dff
ca7c41280016424cf43579ad969c7762187f4fcd1dbd49549ca71cfff197d0f9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121466
Date: Tue, 15 Nov 2022 03:12:43 GMT
Etag: "637230d6-1d7"
Expires: Wed, 16 Nov 2022 12:57:09 GMT
Last-Modified: Mon, 14 Nov 2022 12:13:10 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mJMRQIej4_Krb8g_7hebHDKNMKjP6GPmHseRPA2EPUidAIinFwf2cA==
Age: 2639
event.trk-keingent.com/register/event_log/l4ev5rz2g1
172.64.195.23200 OK 0 B URL HTTP/2 event.trk-keingent.com/register/event_log/l4ev5rz2g1
IP 172.64.195.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/l4ev5rz2g1 HTTP/1.1
Host: event.trk-keingent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allsolarincentives.com/
Content-type: application/json
Origin: https://allsolarincentives.com
Content-Length: 313
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:43 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://allsolarincentives.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlOF0h1HHX2mT1KF49kCh2ua%2FQQuPAMBwbcfK6180%2F31D07MsQAKVHfkwwe%2FG%2Fv5517%2Fl%2Fxk2edqf3hv0C3K0C%2FId%2FnuOubEtP8ejZB9FXpU6WhoWevHDd3KPvW83BJV5NbE5Jh%2BVOIK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a4ce90bc6a888b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=BBFDF4B9-0213-3056-163A-511B223069D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D
54.230.245.35200 OK 1.4 kB URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=BBFDF4B9-0213-3056-163A-511B223069D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D
IP 54.230.245.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1
GET /iframe.html?token=BBFDF4B9-0213-3056-163A-511B223069D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 12 Oct 2022 20:15:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 14 Nov 2022 04:59:37 GMT
ETag: W/"63472048-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WdmJhcKZ952V-yUnsFn_Sp7caCXq5E5GWhrKIs5rswR_syNXrd4DYg==
Age: 80116
api.trustedform.com/certs
52.71.143.120201 Created 475 B URL HTTP/2 api.trustedform.com/certs
IP 52.71.143.120:0
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 2f6bde756e977452ac19cd5048112917
8d82570618aa1429888306cd64093035408b88fb
1259df93ebc1eccdb0406b517e31e14eaa07fd11c8d1292ea395c376b0e5ff2a
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 604
Origin: https://allsolarincentives.com
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Tue, 15 Nov 2022 03:12:44 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199612
54.156.11.63200 OK 1.8 kB URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199612
IP 54.156.11.63:0
Hash 0b3936b6be9309b880c7435d7c6f8f3b
ffd6879ec7259281f36e1fd11806e94bca3e2897
8ee91f322943c543d7a5547c068daa0d2053f96eed55c7032ae6c0a12be907de
POST /2.11.9/InitFormData?msn=3&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199612 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5854
Origin: https://allsolarincentives.com
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:44 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rguserid=a9307061-81db-4e61-8f12-949abc2bc469; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 660002ceb9573e9a328b87b16ac97e0c
117f14d6f1e1dc329b92f65c7c5cd9fb29e3778a
667981a25235914efeb6f620fe1bd639f687aaf47d738fd8e90d56c5e705f5e2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152683
Date: Tue, 15 Nov 2022 03:12:44 GMT
Etag: "6372ac9b-1d7"
Expires: Wed, 16 Nov 2022 21:37:27 GMT
Last-Modified: Mon, 14 Nov 2022 21:01:15 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nXwVP4Yiv0wppGSs0_dLyfAq9BKjafMh3dkFPJSmLNr9Kdbf-BVRQw==
Age: 2172
cdn.trustedform.com/trustedform-1.8.30.js
54.230.111.91200 OK 37 kB URL HTTP/2 cdn.trustedform.com/trustedform-1.8.30.js
IP 54.230.111.91:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 14487f8960e61adf6ea2ea56a2c0fc4b
95c5c211d96b16b85dd2e7e73ea2074181af33a1
1af41182c48fe7c1f3603dafa7c97803ed41b063a7ee84f566a7eaaff374e41d
GET /trustedform-1.8.30.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 17:48:28 GMT
x-amz-version-id: C4KqA2Ml8NtIH1tcFWoBNv3GWDN3hi8K
server: AmazonS3
content-encoding: gzip
date: Tue, 15 Nov 2022 03:12:44 GMT
etag: W/"a5b5dad6197e972a745a719bfccfb334"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dK0x6mCDesZdZsiW1ohrLg4z3ioGHrlfMAnS3S_247eZPPIrpt-Zdw==
age: 21
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199611
54.156.11.63200 OK 20 B URL HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199611
IP 54.156.11.63:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /2.11.9/SaveDom?msn=2&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199611 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://allsolarincentives.com
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:44 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rguserid=27c5f242-8de7-4a85-86f1-20d5df976c88; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 51829e6b1434869de81c68e38e5a4aab
aca26507016e09ad61c529613943664a2d2934cf
841e31b18433970c0b7179c4f0363072a0e7081b209a30a5f525f396ea1f5d93
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107141
Date: Tue, 15 Nov 2022 03:12:45 GMT
Etag: "6371eec9-1d7"
Expires: Wed, 16 Nov 2022 08:58:26 GMT
Last-Modified: Mon, 14 Nov 2022 07:31:21 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CkaqZBSLR10wzpUEOdliGyVVSxD0KNPS5mzyHs0j9_ypVnNOwQQ42A==
Age: 5225
deviceid.trueleadid.com/iframe.html?token=BBFDF4B9-0213-3056-163A-511B223069D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D
34.203.181.97200 OK 1.8 kB URL HTTP/2 deviceid.trueleadid.com/iframe.html?token=BBFDF4B9-0213-3056-163A-511B223069D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D
IP 34.203.181.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4108)
Hash ddb5ad0198d97f3c166b60bf4295067d
116827155a07e10f1f1da596c3bac1ab7c8d8125
6ec09f3cd81522d2f0990469525a3a7cfd6e112b938344656b4d8e11e4a4eccb
GET /iframe.html?token=BBFDF4B9-0213-3056-163A-511B223069D4&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:44 GMT
content-type: text/html
server: nginx
last-modified: Thu, 22 Sep 2022 15:32:09 GMT
etag: W/"632c7ff9-1049"
expires: Wed, 16 Nov 2022 03:12:44 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe4f5dc12e097182fed4de0161bc5b8a
746804d683bea55f44d5f6456a7e69d0048e4f58
d8a2095cd57455bab301ae68b7478997f3db056039886d85301eb85d7d196cf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5882
x-amzn-requestid: a9d913e4-c9c1-4054-a9ff-c5ff5287c854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQZ2H2loAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610b-63cf663851f2e04b7f2cb70a;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0DjdK2du8K9O1d0rcWaDO6yqWBuHYSSiEJmscryUraTH73vwcwubNg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:32:26 GMT
age: 85221
etag: "746804d683bea55f44d5f6456a7e69d0048e4f58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e02b1cef4506be68e4a6fb309a88698c
7da0425161b8c34ccf9837a56bf77d498cdb65ad
c886c7d128895c62a8ecde5202f4383d22555298d78ef91d63b5d3ebedf448a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 528e9b30-ba34-4aef-b5b0-71cad9580bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuo_EXhoAMFtEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675e39-71222ac908406eeb061848f2;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:11:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vjOM-57TBG0yPsmFlS2ch7_ylKWffHpajgmCM7A7dVxQetoKYPXo6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:57 GMT
age: 19491
etag: "7da0425161b8c34ccf9837a56bf77d498cdb65ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/fc0690c0-0564-e295-a5f5-a161835c894f.js?snippet_version=2
104.22.39.182200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/fc0690c0-0564-e295-a5f5-a161835c894f.js?snippet_version=2
IP 104.22.39.182:0
GET /campaign/fc0690c0-0564-e295-a5f5-a161835c894f.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:43 GMT
content-type: text/javascript
x-amz-id-2: 9CsvSYtXfpBo+I7zA2U7bR7Mv9EZovHoqHieg3C2aEBcdi7IoLFRaEMJlTti6gXRMRycdQ6MpxU=
x-amz-request-id: 54752Q56P9HM4S82
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:29:28 GMT
etag: W/"a6c7ac3853f405ee86360e1e7cae6877"
cache-control: max-age=1800
x-amz-version-id: 9eo3W8._zntZ4j.NDzuhZaRXb.6ja.Q2
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a4ce8c9b9d9906-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879
IP 54.230.111.91:0
GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16684819627980.7051223161904879 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://allsolarincentives.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 03:12:44 GMT
last-modified: Mon, 24 Oct 2022 17:48:28 GMT
x-amz-version-id: zf4ijuzvSsU0Tal.ZZJLDHqE7VqwjEi9
etag: W/"647d5353b63df3b4ed201da87c98cc2d"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uoIGYuST3GsOqpMV_kJO0A2rBiUXeGTGfYuVXxRczrdS32BiwIiEyw==
X-Firefox-Spdy: h2
info.leadid.com/info?msn=5&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199614
100.24.130.233200 OK 0 B URL HTTP/2 info.leadid.com/info?msn=5&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199614
IP 100.24.130.233:0
POST /info?msn=5&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199614 HTTP/1.1
Host: info.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 541
Origin: https://allsolarincentives.com
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199616
54.156.11.63200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199616
IP 54.156.11.63:0
POST /2.11.9/Snap?msn=6&pid=0eb21a8a-e74e-4764-b520-91e1175870f2&token=BBFDF4B9-0213-3056-163A-511B223069D4&_=254199616 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 44299
Origin: https://allsolarincentives.com
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 15-Dec-2022 03:12:45 GMT; Max-Age=2592000; path=/
rguserid=16c476ed-fc2e-44d9-8b17-c6575bd3e6ea; expires=Thu, 15-Dec-2022 03:12:45 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 15-Dec-2022 03:12:45 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 15-Dec-2022 03:12:45 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&methods=48&token=BBFDF4B9-0213-3056-163A-511B223069D4&uuid=87dab9c8e67f4f5a87d9e81a228a5fdd
54.156.11.63200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&methods=48&token=BBFDF4B9-0213-3056-163A-511B223069D4&uuid=87dab9c8e67f4f5a87d9e81a228a5fdd
IP 54.156.11.63:0
GET /2.11.9/SaveDeviceId.js?lac=F40D8E20-41F1-B4BD-E8A5-306E058A694D&lck=AB1E69ED-E8BB-83D1-7ED3-96E3E663C438&methods=48&token=BBFDF4B9-0213-3056-163A-511B223069D4&uuid=87dab9c8e67f4f5a87d9e81a228a5fdd HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:44 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rguserid=24715ea3-4ba5-4204-bde9-a5a7c102f2ce; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 15-Dec-2022 03:12:44 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/ab1e69ed-e8bb-83d1-7ed3-96e3e663c438.js?snippet_version=2
104.22.39.182200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/ab1e69ed-e8bb-83d1-7ed3-96e3e663c438.js?snippet_version=2
IP 104.22.39.182:0
GET /campaign/ab1e69ed-e8bb-83d1-7ed3-96e3e663c438.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allsolarincentives.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:12:43 GMT
content-type: text/javascript
x-amz-id-2: hJivKAntJk2d2/SwC4VBeS0F2YmXIP23zZjguSSYlONjp/Pn+T0sXuygNiqlyiZTRwkduD8T43Y=
x-amz-request-id: 5472W9V0G9H2C4C6
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:04:08 GMT
etag: W/"92009d655f15883690eb08e4789b3fbc"
cache-control: max-age=1800
x-amz-version-id: MP6u_s_mhViOgBnCmvJMe8MBN4AykkRK
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a4ce8c8b9b9906-ARN
content-encoding: gzip
X-Firefox-Spdy: h2