rallycu.com/covidresponse/
141.193.213.21301 Moved Permanently 162 B URL HTTP/1.1 rallycu.com/covidresponse/
IP 141.193.213.21:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /covidresponse/ HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 15:32:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rallycu.com/covidresponse/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796da8dd7b1d0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8303
Expires: Thu, 09 Feb 2023 17:51:09 GMT
Date: Thu, 09 Feb 2023 15:32:46 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2388
Expires: Thu, 09 Feb 2023 16:12:34 GMT
Date: Thu, 09 Feb 2023 15:32:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 14:34:15 GMT
content-type: application/json
age: 3511
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8502
Expires: Thu, 09 Feb 2023 17:54:28 GMT
Date: Thu, 09 Feb 2023 15:32:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pu7Li3p2pevJ0WSafmjX2alk7Az4tEOC0YHy2lL4XiJPYOWztvah2F8NzhhRqaUvucCWeUAZBXU=
x-amz-request-id: V3QP995XW1XBY3QA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 14:46:26 GMT
age: 2780
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c56418bec578e9125f5132212c351750
90383871ec7459f8d35b2d1646aba6ea1bca516f
32839d1a337017df52c0cdf8819cb26073c6c77a9c3a2f6d7e8cb34296b80976
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6016
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:46 GMT
Last-Modified: Thu, 09 Feb 2023 13:52:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 15:32:46 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07988edcea4d42196745acce6d85b6c6
5ba931eb112d881cea6506fac80b6bb51bf76af2
2a948439a9910bb395b796fff9f498ca6fa9c7ebcd6112a9670abf4045118459
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130201
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:46 GMT
Etag: "63e46bb7-1d7"
Expires: Sat, 11 Feb 2023 03:42:47 GMT
Last-Modified: Thu, 09 Feb 2023 03:42:47 GMT
Server: nginx
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 15:14:53 GMT
age: 1074
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c56418bec578e9125f5132212c351750
90383871ec7459f8d35b2d1646aba6ea1bca516f
32839d1a337017df52c0cdf8819cb26073c6c77a9c3a2f6d7e8cb34296b80976
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6017
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Last-Modified: Thu, 09 Feb 2023 13:52:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07988edcea4d42196745acce6d85b6c6
5ba931eb112d881cea6506fac80b6bb51bf76af2
2a948439a9910bb395b796fff9f498ca6fa9c7ebcd6112a9670abf4045118459
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=130201
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Etag: "63e46bb7-1d7"
Expires: Sat, 11 Feb 2023 03:42:48 GMT
Last-Modified: Thu, 09 Feb 2023 03:42:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
rallycu.com/wp-content/uploads/23493_NA_20_New-Website_icons-77.png
141.193.213.20200 OK 822 B URL HTTP/2 rallycu.com/wp-content/uploads/23493_NA_20_New-Website_icons-77.png
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9f01e031b242b780565bf19bc31ccb75
76c8410181bdd325e9102b456af3056aed859c89
45e662d3ca78c38698ad948eb6ef60545a0123d5f93327700763198301b21ce5
GET /wp-content/uploads/23493_NA_20_New-Website_icons-77.png HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: image/webp
content-length: 822
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2886
content-disposition: inline; filename="23493_NA_20_New-Website_icons-77.webp"
etag: "63924cce-b46"
last-modified: Thu, 08 Dec 2022 20:45:02 GMT
vary: Accept
cf-cache-status: HIT
age: 122351
accept-ranges: bytes
server: cloudflare
cf-ray: 796da8e33823b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald-child/images/NCUA.png
141.193.213.20200 OK 9.4 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald-child/images/NCUA.png
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2e83f55f7bc5dd1ba2f5fd6349e6cdad
3cf464ea2674d39dbe3ae951815ac0cfc83671b2
6277de27cb0de185bb5861de7bd6d3a4093e054adf78f26e3f43340dfb116872
GET /wp-content/themes/mdr-emerald-child/images/NCUA.png HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: image/webp
content-length: 9422
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=19606
content-disposition: inline; filename="NCUA.webp"
etag: "638fc6eb-4c96"
last-modified: Tue, 06 Dec 2022 22:49:15 GMT
vary: Accept
cf-cache-status: HIT
age: 122351
accept-ranges: bytes
server: cloudflare
cf-ray: 796da8e33828b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald-child/images/logo-ehl.png
141.193.213.20200 OK 1.1 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald-child/images/logo-ehl.png
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type RIFF (little-endian) data, Web/P image\012- data
Hash a777024edeb10b319d4844e5c7de7af8
cc57c0d3333db8eee535963f4eae0c4320baa272
97f3e330ee66086fccfbd30d06e67811438d33d6c6148f271122835959721098
GET /wp-content/themes/mdr-emerald-child/images/logo-ehl.png HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: image/webp
content-length: 1128
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2844
content-disposition: inline; filename="logo-ehl.webp"
etag: "638fc6dd-b1c"
last-modified: Tue, 06 Dec 2022 22:49:01 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 796da8e3382ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8ba328ca1dafc69ce7b7537cdc89616d
7ff4ddc85601ddb20d852b3b70e152ebb63e439d
27a975bedc82774262e4da67a21436afb618fc1ba3a9a29ca78401e812266929
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Last-Modified: Thu, 09 Feb 2023 15:13:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
rallycu.com/wp-includes/js/dist/token-list.min.js?ver=f2cf0bb3ae80de227e43
141.193.213.20200 OK 888 B URL HTTP/2 rallycu.com/wp-includes/js/dist/token-list.min.js?ver=f2cf0bb3ae80de227e43
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (1482)
Hash 555d656aa3ac9e385bfce3c2b0a3f132
b1079c24a1fe27ac0f815bad3d2b78e4dd35eea8
d318b78c876fc79277ef5ceb950e6fc8cdb3503a478ef6f7700340e39681015f
GET /wp-includes/js/dist/token-list.min.js?ver=f2cf0bb3ae80de227e43 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-5ed"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e31ff4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
141.193.213.20200 OK 3.0 kB URL HTTP/2 rallycu.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (6475), with no line terminators
Hash 90fe9a644c3ce5ec5626bea9b7c59264
74238a05027fa7d1a138cc8667baa4c8d1318be7
eb6adc898cc0cc834d9af27735702673df94c9baa75ea3145cd1aa30e90ffee9
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-194b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2cf7fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rallycu.com/wp-content/themes/mdr-emerald/js/theme.js?ver=6.1.1
141.193.213.20200 OK 4.7 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/js/theme.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (1281)
Hash 01f654bf9e76887a03e3eb7cac11fb87
db451e7d78d2c6c170da474db66cd6994319d2f5
5c8c12bc9ab8ba804f49af3fc43b855f735375d5c4b5a1cc28c3ee18901ffecc
GET /wp-content/themes/mdr-emerald/js/theme.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-2f96"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e3381fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.typekit.net/lis2nas.css?ver=6.1.1
23.33.119.19200 OK 590 B URL HTTP/2 use.typekit.net/lis2nas.css?ver=6.1.1
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 73d789c5cac4d573044183fb6a590827
9e780d2b95e30243f0fc1a6faccab53e96fdff82
244d63f30509d88d38fed43f39ca1ea4e5d5b454928c503a688d16340dc251a0
GET /lis2nas.css?ver=6.1.1 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 590
date: Thu, 09 Feb 2023 15:32:47 GMT
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/js/holder.js?ver=6.1.1
141.193.213.20200 OK 24 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/js/holder.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Hash 433b755654617cd72ec22cd8c2086772
bb8d62a73abf05d1760d1560683af5c1e2633c74
d9e0b70d9609f970c6109f207483936672fa655320ab510f66514995be80ae08
GET /wp-content/themes/mdr-emerald/js/holder.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-15766"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e37886b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/canvas-confetti@1.5.1/dist/confetti.browser.min.js?ver=6.1.1
151.101.1.229200 OK 3.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/canvas-confetti@1.5.1/dist/confetti.browser.min.js?ver=6.1.1
IP 151.101.1.229:0
File type Unicode text, UTF-8 text, with very long lines (7300)
Hash 8c7bb3cd43546a1017cead21943bc570
99041d81fccb262f608e763f822ccfb0d8827d5a
5b7628255b5e0ebfad3f0a860e54b22aebfde9f38a052e702841c58b4adf1c53
GET /npm/canvas-confetti@1.5.1/dist/confetti.browser.min.js?ver=6.1.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.5.1
x-jsd-version-type: version
etag: W/"1de0-UIAA/uYa9lVGoI0bAGaN5RkevyY"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Feb 2023 15:32:47 GMT
age: 6084643
x-served-by: cache-fra-eddf8230059-FRA, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3240
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8ba328ca1dafc69ce7b7537cdc89616d
7ff4ddc85601ddb20d852b3b70e152ebb63e439d
27a975bedc82774262e4da67a21436afb618fc1ba3a9a29ca78401e812266929
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Last-Modified: Thu, 09 Feb 2023 15:13:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rallycu.com/wp-content/themes/mdr-emerald/js/jquery.countTo.js?ver=6.1.1
141.193.213.20200 OK 2.6 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/js/jquery.countTo.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Hash 47c90b2bfafcfda98b9d2b0d9faa7360
c3e32b12b82b1fe241226f3f17865a794de114ea
cf08246abd029766d1077f0dbbae2136051feada197058eb5b2dd3dfee37c65c
GET /wp-content/themes/mdr-emerald/js/jquery.countTo.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-eb0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e36864b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6cf793feda8320c5a8e50261f3fecf9f
9237734a85dd812ece2a5c08f2905878851480df
3082e88516650a9b4d0c03879ca46d22187bd1a743f0670803726c5c58390155
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2577
Cache-Control: max-age=163021
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:47 GMT
Etag: "63e4e1db-118"
Expires: Sat, 11 Feb 2023 12:49:48 GMT
Last-Modified: Thu, 09 Feb 2023 12:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
rallycu.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
141.193.213.20200 OK 7.2 kB URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (15446)
Hash 14a3aaddf69561e3d5b8d67c813b5303
dea3273ddb864a292cd816232e07d927896583d7
db7bbba5f40a21636d30bb376649e0550f34e6f5b91c09290265bb424778e853
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-43ba"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e36863b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=ghk6jve&ht=tk&f=169.170&a=87754449&app=typekit&e=css
23.36.76.184200 OK 2.0 kB URL HTTP/2 p.typekit.net/p.css?s=1&k=ghk6jve&ht=tk&f=169.170&a=87754449&app=typekit&e=css
IP 23.36.76.184:0
ASN #20940 Akamai International B.V.
Hash 0e196878265f499c1775cfdd273fad46
29b06f374aaf66a78bbe550e6ba0295e368d7aa7
dc0f61b9437766234960292d6ff20845c28b5c452d30ae78a957e0560ae751b0
GET /p.css?s=1&k=ghk6jve&ht=tk&f=169.170&a=87754449&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Thu, 09 Feb 2023 15:32:47 GMT
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/lib/owl-carousel/owl.carousel.min.js?ver=6.1.1
141.193.213.20200 OK 12 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/lib/owl-carousel/owl.carousel.min.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (32000)
Hash 8c6262ef37865e2f649b1946edf88d46
271cfef8158843d62f95cd448c20addd495da9fb
1014c6cbb0c70e4679bb5c2d87a357fe00075f43049ff0b6ad5e2c53c416d930
GET /wp-content/themes/mdr-emerald/lib/owl-carousel/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-a70e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e37887b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.glia.com/salemove_integration.js
54.230.111.39200 OK 8.8 kB URL HTTP/2 api.glia.com/salemove_integration.js
IP 54.230.111.39:0
File type ASCII text, with very long lines (8817), with no line terminators
Hash 8fbf3720d25bde79ccad301ab0a57770
284c0580081d07ce07cb228a426b282d1c23ef50
4996a669924fcb34708faf10f65ed249873a10eaf1270391ac0d426477d1a391
GET /salemove_integration.js HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 8817
last-modified: Wed, 08 Feb 2023 20:48:34 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 09 Feb 2023 15:30:01 GMT
etag: "8fbf3720d25bde79ccad301ab0a57770"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bDvyuVbsZnx09tmYeNEiEqi7fH7r7EsuoxbsrFOSRXx_Oj4_AuNn1g==
age: 193
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2
141.193.213.20200 OK 1.9 kB URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (4123)
Hash d06c20b16a91551256fcf7f53e77f9b3
a997b3191bec1a9218657a8f7832999b71c47ab9
c4851c95903d7f489397faa43f9050298cce00026257f9af016481813a6786cc
GET /wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-10d5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e34845b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.165.197.103101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.197.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J4HL17SKwB71BB9U4Ihgwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8VIJiyCZL6TAROoYJ0uuu/Pb1PM=
rallycu.com/wp-content/plugins/wp-post-author/assets/dist/blocks.style.build.css?ver=6.1.1
141.193.213.20200 OK 34 kB URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/dist/blocks.style.build.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (22405)
Hash 807772a2b1ec7e3bbf68b2bde7e1b0fb
9bcca899c39e3c0ff1fbf470b1ae99e81048a69e
4ad3f2f592f43bedad7cb0c576302a0b4f69a2325221fcef1fa23b58f8291f8c
GET /wp-content/plugins/wp-post-author/assets/dist/blocks.style.build.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:04 GMT
etag: W/"638e4dc4-7a3f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e29f23b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/preferences.min.js?ver=5e6c91c252c0e040f379
141.193.213.20200 OK 1.7 kB URL HTTP/2 rallycu.com/wp-includes/js/dist/preferences.min.js?ver=5e6c91c252c0e040f379
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (2873)
Hash 33ac374a62fdf411e2f4c7ee01d7f836
ca3108a9172e4a88827f67afdd87d1df6bd00697
5b3692a9cba85dcb191a2fb1746110802817c690122547892e00bf9eec9c1bc2
GET /wp-includes/js/dist/preferences.min.js?ver=5e6c91c252c0e040f379 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 15 Sep 2022 16:45:40 GMT
etag: W/"632356b4-b5c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e32804b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/core-data.min.js?ver=d8d458b31912f858bcdf
141.193.213.20200 OK 16 kB URL HTTP/2 rallycu.com/wp-includes/js/dist/core-data.min.js?ver=d8d458b31912f858bcdf
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (54209)
Hash 0f0b8f8959ee6aa0d99c23cc31880741
cd85627d5dfb3811d37fcbdde8341a7f682b27a4
3e41b7f3f36ac1702f5445a608db9fe435116ca89d0444c8674f7a933376df0f
GET /wp-includes/js/dist/core-data.min.js?ver=d8d458b31912f858bcdf HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 20:04:13 GMT
etag: W/"632e113d-d3e4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e31ffeb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
141.193.213.20200 OK 13 kB URL HTTP/2 rallycu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (47826)
Hash e2471545c7ac3ca3bfd5a7fdb7814318
fd255cf32e0c24a3131d9b6cf38a34da9749fc5a
aaa52369939d84c2c339cb8eb7ed4ea6569fadfe0b9094bb37f1c3cea1833008
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: W/"636e62ad-172a9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e29f25b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
216.58.211.3200 OK 4.3 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP 216.58.211.3:0
File type ASCII text, with very long lines (23413), with no line terminators
Hash c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c
GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 594260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KDJ6BZH
142.250.74.168200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KDJ6BZH
IP 142.250.74.168:0
File type ASCII text, with very long lines (37434)
Hash fb9c1750a5aca486b1b2f04ab0ab185f
91ab0a3d71d86c61c388dcc6f30dba125e8a99bd
d45b300f83723ddbed78f5525c317860c05e0c72531a662dba7209ba84fa60ea
GET /gtm.js?id=GTM-KDJ6BZH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 15:32:48 GMT
expires: Thu, 09 Feb 2023 15:32:48 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20960, version 1.0\012- data
Hash d312d179276a175029c56c50e9bc9d0b
aa9285dd6183c696fc39ec31c221581e2d4959c1
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
GET /s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 10:06:04 GMT
expires: Fri, 09 Feb 2024 10:06:04 GMT
cache-control: public, max-age=31536000
age: 19604
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21144, version 1.0\012- data
Hash 2bc7630144496092dc786ce63109e560
723df3658078cfed03c85e47f15fc439eb4331be
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
GET /s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 04:30:14 GMT
expires: Fri, 09 Feb 2024 04:30:14 GMT
cache-control: public, max-age=31536000
age: 39754
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-post-author/assets/css/awpa-frontend-style.css?ver=6.1.1
141.193.213.20200 OK 23 kB URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/css/awpa-frontend-style.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Hash c9073f027ee67ef091d4f96367853d54
4e7ecb55edae0bbbf0cbc062d8df8dbbc0048924
257c958e427f125e753f3153ab807ec95f7332a778fc8dd53b0d291a5efc923b
GET /wp-content/plugins/wp-post-author/assets/css/awpa-frontend-style.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:04 GMT
etag: W/"638e4dc4-2d88"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e29f2cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311
141.193.213.20200 OK 12 kB URL HTTP/2 rallycu.com/wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (5290)
Hash 7dd386f35c32b388881d04d9239f4f90
ca4c46dc290e0a48fe1339e799ef5268a8a42392
d6fbb28faa228c3dde75716e0642f4313904b74376492676081fa2359f09d317
GET /wp-includes/js/dist/api-fetch.min.js?ver=bc0029ca2c943aec5311 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: W/"625596ef-14cd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e31feeb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/rich-text.min.js?ver=c704284bebe26cf1dd51
141.193.213.20200 OK 33 kB URL HTTP/2 rallycu.com/wp-includes/js/dist/rich-text.min.js?ver=c704284bebe26cf1dd51
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (33409)
Hash 5ef9c5b6e3b9bdb8b07ca881b26bafc1
b3d63bbb8f9a06c7b818622f8d090dbc71acc5fa
ebd211de82aca84d50b464afc85ec525ebf66eb22cb135f330b8104529db3f04
GET /wp-includes/js/dist/rich-text.min.js?ver=c704284bebe26cf1dd51 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-82aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e30fd8b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald-child/slick/slick.css?ver=6.1.1
141.193.213.20200 OK 25 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald-child/slick/slick.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Hash 7e44fab32d286c991ba75576bf897961
d9e6d748ad04a71b399e19ee89fb770584f5e8a6
d66b94d1af2157e2b6b08341aa0fbf05c76c072a041a002aa406e2279787a899
GET /wp-content/themes/mdr-emerald-child/slick/slick.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 06 Dec 2022 22:49:34 GMT
etag: W/"638fc6fe-130d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e29f33b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/awsm-team-pro/css/team.min.css?ver=1.10.2
141.193.213.20200 OK 36 kB URL HTTP/2 rallycu.com/wp-content/plugins/awsm-team-pro/css/team.min.css?ver=1.10.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 40e6f22aff5f8300b8324807bcaadce2
25ada640387e420ab82a9f9465e13498f02769e7
1286a17468285a4638e55ce64ba7fcfbf503b347a22504365a3d27f43c3246d5
GET /wp-content/plugins/awsm-team-pro/css/team.min.css?ver=1.10.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:12 GMT
etag: W/"638e4dcc-208dd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e29f27b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rallycu.com/wp-includes/js/dist/keyboard-shortcuts.min.js?ver=b696c16720133edfc065
141.193.213.20200 OK 81 kB URL HTTP/2 rallycu.com/wp-includes/js/dist/keyboard-shortcuts.min.js?ver=b696c16720133edfc065
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (4454)
Hash a9da7efedb747a236f4c5062db493e36
6a7025923a13bd2372cf503eecd5ba8320ad93d8
b71e1349578ebfef9da505bc0d9ffcba7c4596c1a18aa704d9276775ae2fdeaa
GET /wp-includes/js/dist/keyboard-shortcuts.min.js?ver=b696c16720133edfc065 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-1189"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e31ff0b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro&ver=1.0.0
142.250.74.74200 OK 77 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro&ver=1.0.0
IP 142.250.74.74:0
Hash 908f448caf2c1b462340208488b154a9
0ea6f81f1053a92935660b027fa7a847c90efa6d
19fa3fcc3a7e000c3e492cf6242295df0ba5d4eca643d23fe9c3704a6eff15af
GET /css?family=Source+Sans+Pro&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 15:32:47 GMT
date: Thu, 09 Feb 2023 15:32:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.glia.com/visitor_config?referrer=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&
54.230.111.39200 OK 11 kB URL HTTP/2 api.glia.com/visitor_config?referrer=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&
IP 54.230.111.39:0
File type JSON data\012- , ASCII text, with very long lines (11270), with no line terminators
Hash 9404c350baff80e22e47f9da3a2fd647
fbcdeff7f817e4279bb38002c02bd344e77d02cb
fc26751c8140d67603ebdbf8abb35b1c4e3bc7017b046a916ad8bd5f905a5dc7
POST /visitor_config?referrer=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F& HTTP/1.1
Host: api.glia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 11270
date: Thu, 09 Feb 2023 15:32:48 GMT
access-control-allow-origin: https://rallycu.com
access-control-allow-methods: ["GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE"]
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: Content-Type, Accept, Authorization
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-site-visitor-config: true
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, max-age=0
set-cookie: visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzU5NTY3NjgsInZpc2l0b3JfaWQiOiIxYjYwMTNkNi1kYTU5LTRkYTItODc5Mi02MWViOWY3NWI4ODEiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.dOYdxTU95Q_V2icI2rMVV5ehw8m4rJSU74qLeminpvToJuPg4AXpAG-72LtHkJgdLphRLvs9AKb2rf-U_ZBbdQ; path=/; expires=Fri, 09 Feb 2024 15:32:48 -0000; secure; HttpOnly; SameSite=None
incompat_visitor_session=eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE2NzU5NTY3NjgsInZpc2l0b3JfaWQiOiIxYjYwMTNkNi1kYTU5LTRkYTItODc5Mi02MWViOWY3NWI4ODEiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI1ODRhNzJlNy1mZTI0LTQyMjAtODMzMi00NjBjNmU0MzhkZjEifQ.dOYdxTU95Q_V2icI2rMVV5ehw8m4rJSU74qLeminpvToJuPg4AXpAG-72LtHkJgdLphRLvs9AKb2rf-U_ZBbdQ; path=/; expires=Fri, 09 Feb 2024 15:32:48 -0000; secure; HttpOnly
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pOZ6JK7KjrK5d4ETON40c87eolWl9dwtSgwJw8VZYEKnfXZFoxqCTw==
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.zFHgxfF9Y10.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrp1ixLvmhBpuZEliy9AM0pLRV6KA/m=el_main
142.250.74.10200 OK 76 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.zFHgxfF9Y10.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrp1ixLvmhBpuZEliy9AM0pLRV6KA/m=el_main
IP 142.250.74.10:0
File type ASCII text, with very long lines (2052)
Hash 3c5d33cd6e6ebc1421ffb58b84a4960a
444f395f38bc7412ff5d968bb2021e9e6d6ae451
e7100ba6ba0f776389ea3d8761c0d0aaea12a42f729e0fc81bbde2c91c251123
GET /_/translate_http/_/js/k=translate_http.tr.no.zFHgxfF9Y10.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrp1ixLvmhBpuZEliy9AM0pLRV6KA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 21:31:26 GMT
expires: Thu, 08 Feb 2024 21:31:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Feb 2023 12:12:52 GMT
content-type: text/javascript; charset=UTF-8
age: 64882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 566d08591068500ab5203e5a85ebbff2
f92b5adcde8f9be6b21104306d78808df4445243
89013f60a000ae80233554e01420794cbfda830899a6a9030eb9cedb282d6908
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "89013F60A000AE80233554E01420794CBFDA830899A6A9030EB9CEDB282D6908"
Last-Modified: Wed, 08 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7727
Expires: Thu, 09 Feb 2023 17:41:35 GMT
Date: Thu, 09 Feb 2023 15:32:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
6414188.fls.doubleclick.net/activityi;src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F?
142.250.74.70200 OK 241 B URL HTTP/2 6414188.fls.doubleclick.net/activityi;src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (460), with no line terminators
Hash 7d2aeb2b53a8a61e6d26afac93b17cdf
6c9b852f80c3d894b29a46ca48aad5a96203edde
5352a5fc6bb92283bc4f0863e6df57a41496d1a40d9e98f0e59f2ce5a5fa8864
GET /activityi;src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F? HTTP/1.1
Host: 6414188.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 15:32:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 241
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 15:47:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prism.app-us1.com/?a=26286730&u=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
104.17.146.91200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=26286730&u=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
IP 104.17.146.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=26286730&u=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:48 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_26286730=5b4dfdf1-bec8-4eb3-8481-a406421c48dc; expires=Sat, 11-Mar-2023 15:32:48 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 37
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796da8eb8cc90b39-OSL
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
142.250.74.34200 OK 242 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (459), with no line terminators
Hash 1f902e3f6dda7065858fc6bc91ff258d
b4e546ca3749295d9d87f02611b3ef936f2d8029
72b322fb9ae8c4e847849cc792256f9b690e399c03ff1e5c91baba95af8645c6
GET /ddm/fls/i/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6414188.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 15:32:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 3065eee91a066f7f2b24bc3c22ec932e
11e0860a08fd32fd5ec8b40781fe096ca4e2f8bf
e5c2bc773a479f0677e92fc619a69a5fd85731684bb64e2cf8c5337355baa258
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136477
Date: Thu, 09 Feb 2023 15:32:48 GMT
Etag: "63e46bad-1d7"
Expires: Sat, 11 Feb 2023 05:27:25 GMT
Last-Modified: Thu, 09 Feb 2023 03:42:37 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tASm9-bBS5dy1ZEqX4MqMzK-iMyRivxpNS0rCsKwm0Op-hciBpuKIw==
Age: 6288
adservice.google.no/ddm/fls/i/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
172.217.21.162302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 15:32:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://6414188.fls.doubleclick.net/ddm/fls/r/src=6414188;type=retar0;cat=rtptv0;ord=9388628159184;gtm=45He3280;auiddc=1651250514.1675956828;~oref=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6d5882eafc87e0fd208339050fb4a553
11505fa91a1395b6639120faef4d4350087af794
bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4777
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Last-Modified: Thu, 09 Feb 2023 14:13:13 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 13:44:09 GMT
expires: Thu, 09 Feb 2023 15:44:09 GMT
cache-control: public, max-age=7200
age: 6520
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c81b231b8160dcc57cb6b3f5c3e4beb8
8f489177ca2ef48a1e0026c9d0ccff2015a01dbc
370c76e922a83edf1f5159c9088417a8cac44eb7c1322082d487f6d540fce88f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
collector-29065.us.tvsquared.com/tv2track.js
3.18.94.176200 OK 8.5 kB URL HTTP/1.1 collector-29065.us.tvsquared.com/tv2track.js
IP 3.18.94.176:0
File type ASCII text, with very long lines (1162)
Hash a1d5aaba1e098f2b60458ac1332a30db
c6079ba8025310193ca60a4b9c1f6d3d1f196ba4
5f1dad4b49b8c410c183fe3ffb1abed1c5d2b316aebee9d752fc859acf9b2c62
GET /tv2track.js HTTP/1.1
Host: collector-29065.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 15:32:48 GMT
ETag: "639c4b07-2133"
Expires: Thu, 09 Feb 2023 15:42:48 GMT
Last-Modified: Fri, 16 Dec 2022 10:40:07 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/674084073/?random=1675956828136&cv=11&fst=1675956828136&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&auid=1651250514.1675956828&rfmt=3&fmt=4
142.250.74.130200 OK 882 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/674084073/?random=1675956828136&cv=11&fst=1675956828136&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&auid=1651250514.1675956828&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1865), with no line terminators
Hash e9b87d3815ec8dfce4dc022950c8de9b
15a9533ae5088ae1403f677e5cdf07c2c29262ec
3d9b738025d94ef1f3627603dd5cdfa2c0a4dfb80a2bd38d2cec5db4944fda01
GET /pagead/viewthroughconversion/674084073/?random=1675956828136&cv=11&fst=1675956828136&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&auid=1651250514.1675956828&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 15:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 882
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 15:47:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/images/cleardot.gif
142.250.74.164200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Thu, 09 Feb 2023 15:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: pVkhWnJ1bS3eODQjA/VxSLG/38dMPjQsb70Jh49xllK6+6PQdKfd83HQInGlKpJABgYedzwrOsx3yCldPYr6/g==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 15:32:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
libs.salemove.com/visitor/webcomponents_es5-0f6d3ee71.js
54.230.111.104200 OK 936 B URL HTTP/2 libs.salemove.com/visitor/webcomponents_es5-0f6d3ee71.js
IP 54.230.111.104:0
File type ASCII text, with very long lines (390)
Hash f86098c5208655efb405300993461936
a0a5b6aea7bbb6a51940f8c874aee109477c7b56
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
GET /visitor/webcomponents_es5-0f6d3ee71.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 936
date: Wed, 01 Feb 2023 05:19:23 GMT
last-modified: Tue, 31 Jan 2023 12:10:48 GMT
etag: "f86098c5208655efb405300993461936"
x-amz-meta-s3cmd-attrs: md5:f86098c5208655efb405300993461936
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m5hV7Fy-0z_rLfNbqveKnduQe_fM58V0vdYNkSApxv0K1NiPjWdUow==
age: 728007
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10892851063/?random=1675956828145&cv=11&fst=1675956828145&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&auid=1651250514.1675956828&rfmt=3&fmt=4
142.250.74.130200 OK 885 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10892851063/?random=1675956828145&cv=11&fst=1675956828145&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&auid=1651250514.1675956828&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1869), with no line terminators
Hash 76c26483c1008e47ccff8579a7f618eb
bfd9f6f49be6baf9328bc4ac38ed50b4ddabceb0
a736c86f1ec459f562f68b13c593e1662156f2961093d46455866d7b1d2693b6
GET /pagead/viewthroughconversion/10892851063/?random=1675956828145&cv=11&fst=1675956828145&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&auid=1651250514.1675956828&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 15:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 885
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 15:47:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6d5882eafc87e0fd208339050fb4a553
11505fa91a1395b6639120faef4d4350087af794
bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4777
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Last-Modified: Thu, 09 Feb 2023 14:13:13 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c81b231b8160dcc57cb6b3f5c3e4beb8
8f489177ca2ef48a1e0026c9d0ccff2015a01dbc
370c76e922a83edf1f5159c9088417a8cac44eb7c1322082d487f6d540fce88f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/674084073/?random=1675956828136&cv=11&fst=1675954800000&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&fmt=3&is_vtc=1&random=1112480067&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/674084073/?random=1675956828136&cv=11&fst=1675954800000&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&fmt=3&is_vtc=1&random=1112480067&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/674084073/?random=1675956828136&cv=11&fst=1675954800000&bg=ffffff&guid=ON&async=1>m=45He3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&tiba=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&fmt=3&is_vtc=1&random=1112480067&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 15:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
collector-29065.us.tvsquared.com/tv2track.php?action_name=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&idsite=TV-7209903645-1&rec=1&r=657125&h=15&m=33&s=48&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&_id=025f88cfe703037d&_idts=1675956829&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=171
3.18.94.176200 OK 42 B URL HTTP/1.1 collector-29065.us.tvsquared.com/tv2track.php?action_name=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&idsite=TV-7209903645-1&rec=1&r=657125&h=15&m=33&s=48&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&_id=025f88cfe703037d&_idts=1675956829&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=171
IP 3.18.94.176:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&idsite=TV-7209903645-1&rec=1&r=657125&h=15&m=33&s=48&url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&_id=025f88cfe703037d&_idts=1675956829&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=171 HTTP/1.1
Host: collector-29065.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Thu, 09 Feb 2023 15:32:49 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: ecb114d9-8810-49c0-b4cd-66f37ce72ec3
Server: nginx
Content-Length: 42
Connection: keep-alive
up.pixel.ad/assets/up.js?um=1
178.79.242.16200 OK 1.6 kB URL HTTP/2 up.pixel.ad/assets/up.js?um=1
IP 178.79.242.16:0
File type ASCII text, with very long lines (3275)
Hash 745340d954663bbef59f3e65c8aa728b
0af5bfef26b3eeec2000086014638c4d11821220
71bfd4fead77b57be5c1ffa6a3c49e4c5defba58cbcabf255a1757a4579c53e6
GET /assets/up.js?um=1 HTTP/1.1
Host: up.pixel.ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6414188.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
server: AC1.1
x-llid: bb1af5f3d7d15462adf707bec45019f7
age: 162952
date: Thu, 09 Feb 2023 15:32:49 GMT
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
content-length: 1550
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16985
Expires: Thu, 09 Feb 2023 20:15:54 GMT
Date: Thu, 09 Feb 2023 15:32:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16985
Expires: Thu, 09 Feb 2023 20:15:54 GMT
Date: Thu, 09 Feb 2023 15:32:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16985
Expires: Thu, 09 Feb 2023 20:15:54 GMT
Date: Thu, 09 Feb 2023 15:32:49 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fa3b80f6c5e48935acba628afd26f4ce
f69397ac7d88fc285d79b1a17ec28340c8a5c564
6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16985
Expires: Thu, 09 Feb 2023 20:15:54 GMT
Date: Thu, 09 Feb 2023 15:32:49 GMT
Connection: keep-alive
libs.salemove.com/visitor/bootstrapper-0f6d3ee71.js
54.230.111.104200 OK 175 kB URL HTTP/2 libs.salemove.com/visitor/bootstrapper-0f6d3ee71.js
IP 54.230.111.104:0
Size 175 kB (175123 bytes)
Hash 8f29a0f5f6919aa12e9b636b460f7071
84e2839506cab436b604c9a2b8e9d69c331410c1
ba84c718a906424ead32883f7045c7803504aa46b2bb3a5ca8b48107fa3bf983
GET /visitor/bootstrapper-0f6d3ee71.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 05:19:20 GMT
last-modified: Tue, 31 Jan 2023 12:10:47 GMT
etag: W/"2e1fcdf36b54b6609527460526604e1e"
x-amz-meta-s3cmd-attrs: md5:2e1fcdf36b54b6609527460526604e1e
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iIvHbplloNW7BP5uM5m-8t1MpZhaRiMT_1bsds49PgP0rwEvc41law==
age: 728008
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HNuUU4SaVvuPbW0clgJa6UZ-0zefgWJWfIJEsz_yCfKiCrx2wsu6vA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 09:31:09 GMT
age: 21700
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec996f6-8867-41f0-9850-ad04d05e22e6.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec996f6-8867-41f0-9850-ad04d05e22e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 464812429ec9f5c766def4ac26e86e4f
170a5d6fcaa69c78896ed8a37442a27c6309c09a
1248df6127626b254420b6ddabba6fba12066c9b7f314386c25ac51781f59060
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec996f6-8867-41f0-9850-ad04d05e22e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10472
x-amzn-requestid: f43c32c6-0bb3-4154-934d-cd0ad1e3edf7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fv73mHmooAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dca696-700ab104674033036aba0878;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 06:15:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2kp0tBfU8v-pe5Tft8WnSQKV5deSlUbRVEGthGejjT4uXlbbv1IiAg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 19:00:11 GMT
age: 73958
etag: "170a5d6fcaa69c78896ed8a37442a27c6309c09a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:47 GMT
age: 64202
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/js/jquery.matchHeight.js?ver=6.1.1
141.193.213.20200 OK 15 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/js/jquery.matchHeight.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Hash 66d4ef9f1c87a288382ae983d266f565
3ce614a932fe80532729a5663674220eedbeafe9
a5cc257cf7b8dd4a3662ff72e13d32e945e8458ca055758e5ce305e41e74b91c
GET /wp-content/themes/mdr-emerald/js/jquery.matchHeight.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-2e01"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e37888b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0c5e12696e3ee13041d043084828210
c48927fb23f59e0949d388086c197699c8f19d1b
47838e958555ff6799d4d1d3994913943726daba5294cd89afe9036628ef6fdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: fa797448-32c3-4438-a192-5291c48b1d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKFq9oAMFgog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-46ff32923a2763b45a5194f4;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2olwTLHKbCas7GcQiRz22bk_I646VcTxN3Yv_ObBVgeGC0l73GNh8A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:27 GMT
age: 64222
etag: "c48927fb23f59e0949d388086c197699c8f19d1b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-HFRVY7RBB3>m=45je3280&_p=81190057&cid=1233324466.1675956828&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675956828&sct=1&seg=0&dl=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&dt=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-HFRVY7RBB3>m=45je3280&_p=81190057&cid=1233324466.1675956828&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675956828&sct=1&seg=0&dl=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&dt=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HFRVY7RBB3>m=45je3280&_p=81190057&cid=1233324466.1675956828&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675956828&sct=1&seg=0&dl=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&dt=COVID-19%20Response%20%7C%20Rally%20Credit%20Union&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rallycu.com
date: Thu, 09 Feb 2023 15:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pubsub.salemove.com/notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImJiODg1M2MxLWU5N2QtNDU2Yi04ZWI0LTQ1YWQ5ZWE4MjcxNiJ9.eyJpYXQiOjE2NzU5NTY3NjgsImV4cCI6MTY3NzE2NjM2OCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjoxYjYwMTNkNi1kYTU5LTRkYTItODc5Mi02MWViOWY3NWI4ODEiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiMWI2MDEzZDYtZGE1OS00ZGEyLTg3OTItNjFlYjlmNzViODgxIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6IjE1NTA3ZGQ4LTY2YTMtNDQ5OC05NjRmLTM2MTZmNmMzMDIwNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiMTU1MDdkZDgtNjZhMy00NDk4LTk2NGYtMzYxNmY2YzMwMjA2Il19XX0.ZAULFpRJCwzWTB3z6aOLe6t8M0xCKqReVPkNdwFcXkVKoYkmxodKcU8Ua-FozrLN_GD7vPthaKGtY9nXUXEFeQ&priority=low&vsn=2.0.0
52.44.110.202101 Switching Protocols 0 B URL HTTP/1.1 pubsub.salemove.com/notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImJiODg1M2MxLWU5N2QtNDU2Yi04ZWI0LTQ1YWQ5ZWE4MjcxNiJ9.eyJpYXQiOjE2NzU5NTY3NjgsImV4cCI6MTY3NzE2NjM2OCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjoxYjYwMTNkNi1kYTU5LTRkYTItODc5Mi02MWViOWY3NWI4ODEiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiMWI2MDEzZDYtZGE1OS00ZGEyLTg3OTItNjFlYjlmNzViODgxIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6IjE1NTA3ZGQ4LTY2YTMtNDQ5OC05NjRmLTM2MTZmNmMzMDIwNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiMTU1MDdkZDgtNjZhMy00NDk4LTk2NGYtMzYxNmY2YzMwMjA2Il19XX0.ZAULFpRJCwzWTB3z6aOLe6t8M0xCKqReVPkNdwFcXkVKoYkmxodKcU8Ua-FozrLN_GD7vPthaKGtY9nXUXEFeQ&priority=low&vsn=2.0.0
IP 52.44.110.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /notifications/websocket?access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImJiODg1M2MxLWU5N2QtNDU2Yi04ZWI0LTQ1YWQ5ZWE4MjcxNiJ9.eyJpYXQiOjE2NzU5NTY3NjgsImV4cCI6MTY3NzE2NjM2OCwiaXNzIjoiR2xpYSBTaXRlIFZpc2l0b3IgQ29uZmlnIiwic3ViIjoidmlzaXRvcjoxYjYwMTNkNi1kYTU5LTRkYTItODc5Mi02MWViOWY3NWI4ODEiLCJyb2xlcyI6W3sidHlwZSI6InZpc2l0b3IiLCJ2aXNpdG9yX2lkIjoiMWI2MDEzZDYtZGE1OS00ZGEyLTg3OTItNjFlYjlmNzViODgxIn0seyJ0eXBlIjoic2l0ZV92aXNpdG9yIiwic2l0ZV9pZCI6IjE1NTA3ZGQ4LTY2YTMtNDQ5OC05NjRmLTM2MTZmNmMzMDIwNiIsImVuZ2FnZW1lbnRfc2l0ZV9pZHMiOlsiMTU1MDdkZDgtNjZhMy00NDk4LTk2NGYtMzYxNmY2YzMwMjA2Il19XX0.ZAULFpRJCwzWTB3z6aOLe6t8M0xCKqReVPkNdwFcXkVKoYkmxodKcU8Ua-FozrLN_GD7vPthaKGtY9nXUXEFeQ&priority=low&vsn=2.0.0 HTTP/1.1
Host: pubsub.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rallycu.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HLE6Q33RgG0N5S426y0H+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
cache-control: max-age=0, private, must-revalidate
connection: Upgrade
date: Thu, 09 Feb 2023 15:32:48 GMT
sec-websocket-accept: 8IZRI73G4ZGu4S914BeQJQT+tqk=
server: envoy
upgrade: websocket
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50588131-1&cid=1233324466.1675956828&jid=381986499&gjid=817399350&_gid=1281419919.1675956829&_u=YADAAEAAAAAAACAAI~&z=414163078
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50588131-1&cid=1233324466.1675956828&jid=381986499&gjid=817399350&_gid=1281419919.1675956829&_u=YADAAEAAAAAAACAAI~&z=414163078
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-50588131-1&cid=1233324466.1675956828&jid=381986499&gjid=817399350&_gid=1281419919.1675956829&_u=YADAAEAAAAAAACAAI~&z=414163078 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://rallycu.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 15:32:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=303610679994578&ev=PageView&dl=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&rl=&if=false&ts=1675956829154&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1675956829153.723628336&it=1675956828741&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=303610679994578&ev=PageView&dl=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&rl=&if=false&ts=1675956829154&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1675956829153.723628336&it=1675956828741&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=303610679994578&ev=PageView&dl=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F&rl=&if=false&ts=1675956829154&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1675956829153.723628336&it=1675956828741&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 15:32:49 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 640f754b6010aa111e4732cebedde8c8
3663d2e7ee523a02adb62cc74835fa790725b7d6
e6e471c0c9847bd76f0905ffe7da921ce8994db2ea42b990fc205e213d643d83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3768
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:49 GMT
Last-Modified: Thu, 09 Feb 2023 14:30:01 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 727
centro.pixel.ad/iap/9393fb14c46cfd8b
207.198.113.205301 Moved Permanently 0 B URL HTTP/2 centro.pixel.ad/iap/9393fb14c46cfd8b
IP 207.198.113.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iap/9393fb14c46cfd8b HTTP/1.1
Host: centro.pixel.ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6414188.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://pixel.sitescout.com/iap/9393fb14c46cfd8b
X-Firefox-Spdy: h2
centro.pixel.ad/iap/489b3ec6be4c065c
207.198.113.205301 Moved Permanently 0 B URL HTTP/2 centro.pixel.ad/iap/489b3ec6be4c065c
IP 207.198.113.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iap/489b3ec6be4c065c HTTP/1.1
Host: centro.pixel.ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6414188.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: https://pixel.sitescout.com/iap/489b3ec6be4c065c
X-Firefox-Spdy: h2
pixel.sitescout.com/up/00c10b2111adcd25?url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
98.98.134.241302 Found 0 B URL HTTP/2 pixel.sitescout.com/up/00c10b2111adcd25?url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /up/00c10b2111adcd25?url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6414188.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=eb0abecd-ed5e-433a-8aa9-aa4cadaa2cac#1675956769772; Domain=.sitescout.com; Expires=Fri, 09-Feb-2024 15:32:49 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/up/00c10b2111adcd25?cookieQ=1&url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
content-length: 0
date: Thu, 09 Feb 2023 15:32:48 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/iap/489b3ec6be4c065c
98.98.134.241302 Found 0 B URL HTTP/2 pixel.sitescout.com/iap/489b3ec6be4c065c
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iap/489b3ec6be4c065c HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6414188.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
set-cookie: ssi=b88317cb-6487-46d9-ba40-cca03a23cda0#1675956769802; Domain=.sitescout.com; Expires=Fri, 09-Feb-2024 15:32:49 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/iap/489b3ec6be4c065c?cookieQ=1
content-length: 0
date: Thu, 09 Feb 2023 15:32:49 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/iap/9393fb14c46cfd8b
98.98.134.241302 Found 0 B URL HTTP/2 pixel.sitescout.com/iap/9393fb14c46cfd8b
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iap/9393fb14c46cfd8b HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6414188.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
set-cookie: ssi=68e8dc94-344c-4739-bfe7-91cf1a4b60be#1675956769800; Domain=.sitescout.com; Expires=Fri, 09-Feb-2024 15:32:49 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/iap/9393fb14c46cfd8b?cookieQ=1
content-length: 0
date: Thu, 09 Feb 2023 15:32:49 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/up/00c10b2111adcd25?cookieQ=1&url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
98.98.134.241200 OK 43 B URL HTTP/2 pixel.sitescout.com/up/00c10b2111adcd25?cookieQ=1&url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F
IP 98.98.134.241:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /up/00c10b2111adcd25?cookieQ=1&url=rtview&cntr_revenue=&cntr_transactionId=9388628159184&u1=&u2=&u3=&u4=&u5=&src=6414188&cat=rtptv0&type=retar0&cntr_url=https%3A%2F%2Frallycu.com%2Fcovidresponse%2F HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6414188.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-type: image/gif
content-length: 43
date: Thu, 09 Feb 2023 15:32:49 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/iap/489b3ec6be4c065c?cookieQ=1
98.98.134.241204 No Content 0 B URL HTTP/2 pixel.sitescout.com/iap/489b3ec6be4c065c?cookieQ=1
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iap/489b3ec6be4c065c?cookieQ=1 HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6414188.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 09 Feb 2023 15:32:49 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/iap/9393fb14c46cfd8b?cookieQ=1
98.98.134.241204 No Content 0 B URL HTTP/2 pixel.sitescout.com/iap/9393fb14c46cfd8b?cookieQ=1
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iap/9393fb14c46cfd8b?cookieQ=1 HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6414188.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 09 Feb 2023 15:32:49 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/dmp/asyncPixelSync
98.98.134.241302 Found 0 B URL HTTP/2 pixel.sitescout.com/dmp/asyncPixelSync
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/asyncPixelSync HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6414188.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
set-cookie: ssi=a2c4a4d1-6cf6-412e-882d-b25c9f36e04c#1675956769854; Domain=.sitescout.com; Expires=Fri, 09-Feb-2024 15:32:49 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length: 0
date: Thu, 09 Feb 2023 15:32:48 GMT
server: AC1.1
X-Firefox-Spdy: h2
pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
98.98.134.241204 No Content 0 B URL HTTP/2 pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/asyncPixelSync?cookieQ=1 HTTP/1.1
Host: pixel.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6414188.fls.doubleclick.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 09 Feb 2023 15:32:49 GMT
server: AC1.1
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
54.230.111.108200 OK 200 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 54.230.111.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Mon, 06 Feb 2023 18:41:51 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 09 Feb 2023 15:17:35 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: al8oaADHNznOpKfKPJN5xc7JlZKqLJGFAWDLskoT1z1bLsT8OGv7ow==
age: 1954
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/lib/owl-carousel/owl.carousel.css?ver=6.1.1
141.193.213.20200 OK 1.7 kB URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/lib/owl-carousel/owl.carousel.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
Hash bf052439bdc8934938fbbc1078193f09
8dc968c08300f36fa725bb66e39aa19a064341c2
3a3e55f1cb46671ac252c9a65cbf9ad90294a7c18d480e2fc646dafddd06b894
GET /wp-content/themes/mdr-emerald/lib/owl-carousel/owl.carousel.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-fbc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e2af44b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
m.stripe.network/inner.html
151.101.0.176200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP 151.101.0.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Feb 2023 15:32:50 GMT
via: 1.1 varnish
age: 264
x-request-id: c27b51a8-3974-42df-84a4-9dde176e78a6
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 150
x-timer: S1675956770.038567,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
151.101.0.176200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.0.176:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Feb 2023 15:32:50 GMT
via: 1.1 varnish
age: 236
x-request-id: 3c3ab87f-6612-43ae-9216-00594e9a7e4c
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 131
x-timer: S1675956770.064559,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b615892d69ce9f752dcca3508b3dcd31
a3c56f05c10e84577cbe9f76270da9152a0111dd
06c730945d4ad5c065b4b10f33deea59669a5651af737a94bb099ebd28b9a15c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2599
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 15:32:50 GMT
Last-Modified: Thu, 09 Feb 2023 14:49:31 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
m.stripe.com/6
54.68.161.103200 OK 156 B IP 54.68.161.103:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bf732cfaa1c149184e9761d8f8288973
16390f2e228ad5bb55ce05fe53e6f62248a368e1
16da434feb7ce9d236a8fea414d717f8d4bc4c5cdd2742238d0091e5fbf33840
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2300
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 15:32:50 GMT
content-length: 156
set-cookie: m=126f50f6-7473-4493-b081-f10516651f11f5e008;Expires=Sat, 08-Feb-2025 15:32:50 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-bg-intended-route-color: blue
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
client-logger.salemove.com/
44.197.252.129204 No Content 0 B URL HTTP/1.1 client-logger.salemove.com/
IP 44.197.252.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: client-logger.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rallycu.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://rallycu.com
Content-Length: 9239
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-expose-headers:
access-control-max-age: 7200
strict-transport-security: max-age=31536000
vary: Origin
x-envoy-upstream-service-time: 1
date: Thu, 09 Feb 2023 15:32:52 GMT
server: envoy
rallycu.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-1126"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e34844b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/ui/dialog.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-329f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e36861b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-4794"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e34842b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.stripe.com/v3
54.230.111.108200 OK 0 B IP 54.230.111.108:0
GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Wed, 08 Feb 2023 19:42:05 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Thu, 09 Feb 2023 15:32:26 GMT
cache-control: max-age=60
etag: W/"ef2dfb45a4703b191e939bfee2c103ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a8uFsOUhLbEDvU9KYpt18POLcWW82t4hhEH_i3nKp7jFvZhilNTDGA==
age: 45
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/dom.min.js?ver=133a042fbbef48f38107
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/dom.min.js?ver=133a042fbbef48f38107
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/dom.min.js?ver=133a042fbbef48f38107 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-331c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2df9cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/is-shallow-equal.min.js?ver=20c2b06ecf04afb14fee
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/is-shallow-equal.min.js?ver=20c2b06ecf04afb14fee
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/is-shallow-equal.min.js?ver=20c2b06ecf04afb14fee HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-449"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e2efa5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/date.min.js?ver=ce7daf24092d87ff18be
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/date.min.js?ver=ce7daf24092d87ff18be
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/date.min.js?ver=ce7daf24092d87ff18be HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Oct 2022 11:30:32 GMT
etag: W/"634fdfd8-cee0e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e30fd3b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/compose.min.js?ver=37228270687b2a94e518
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/compose.min.js?ver=37228270687b2a94e518
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/compose.min.js?ver=37228270687b2a94e518 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 04 Oct 2022 15:55:23 GMT
etag: W/"633c576b-8f94"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e2efaab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2cf76b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-4911"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e34841b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-27f6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e2efa6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/media-utils.min.js?ver=17f6455b0630582352a4
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/media-utils.min.js?ver=17f6455b0630582352a4
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/media-utils.min.js?ver=17f6455b0630582352a4 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-1d2c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e31800b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
last-modified: Thu, 09 Feb 2023 12:46:50 GMT
etag: W/"63e4eb3a-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 796da8e33824b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 Feb 2023 15:32:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/reusable-blocks.min.js?ver=3fb4b31e589a583a362e
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/reusable-blocks.min.js?ver=3fb4b31e589a583a362e
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/reusable-blocks.min.js?ver=3fb4b31e589a583a362e HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-166c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e32806b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/notices.min.js?ver=9c1575b7a31659f45a45
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/notices.min.js?ver=9c1575b7a31659f45a45
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/notices.min.js?ver=9c1575b7a31659f45a45 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-979"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e31ff1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/js/jquery.waypoints.min.js?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/js/jquery.waypoints.min.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald/js/jquery.waypoints.min.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-2281"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e33822b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/style.css?ver=2.0.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/style.css?ver=2.0.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald/style.css?ver=2.0.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-927a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e29f35b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-2fd6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2efa4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css?ver=6.1.1
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css?ver=6.1.1
IP 104.18.10.207:0
GET /bootstrap/4.4.1/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 11/11/2022 02:14:16
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 844c1966c64907be3bb82166423870b0
cdn-cache: HIT
cf-cache-status: HIT
age: 7410670
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 796da8e3f87cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/block-serialization-default-parser.min.js?ver=eb2cdc8cd7a7975d49d9
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/block-serialization-default-parser.min.js?ver=eb2cdc8cd7a7975d49d9
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/block-serialization-default-parser.min.js?ver=eb2cdc8cd7a7975d49d9 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-975"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2cf84b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-1f2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e30fceb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-53c0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e34836b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/primitives.min.js?ver=ae0bece54c0487c976b1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/primitives.min.js?ver=ae0bece54c0487c976b1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/primitives.min.js?ver=ae0bece54c0487c976b1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-968"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e30fd5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.13.0/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.13.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.13.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
x-amz-id-2: vOaJbvnljvPjKl1Aj1xS4bgiXRbRdnteLBTg4Dvn6Ag5Db/KR6QxC9bxAoNQbsurzBuqBVxT75g=
x-amz-request-id: JMYR1TQB6GFBWH11
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:38:38 GMT
etag: W/"76cb46c10b6c0293433b371bae2414b2"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 17202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqyBH69PrbK8SQsiskVGHh1t4Bc%2BsSvQEidj6jOYIwt2KktMbuPnGdPmibDdfHSZAvdz997JlPBPsDjYrnLVD3bYCnn%2BSsF%2FdbLIT%2BBUppDHluJOynoDEXCd0uoDXzTauvE%2FvzFL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796da8e4fe8e06d9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-post-author/assets/css/react-date-range/default.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/css/react-date-range/default.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/wp-post-author/assets/css/react-date-range/default.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:01 GMT
etag: W/"638e4dc1-2665"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e29f31b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/vendor/react.min.js?ver=17.0.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: W/"625596ef-2c3c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2df95b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.13.0/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.13.0/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.13.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rallycu.com
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
x-amz-id-2: zvWnFBQlVV95EbxCO3q740o1VsQQdYIjKhNeDn6qzccQgNN9OUGqk5xKOJd+ylyz4Y7HpF6WmZQ=
x-amz-request-id: JMYXFKYV4G3WMYY0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:38:38 GMT
etag: W/"fb073a92592d70e5aa6e3cce1cf93a11"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 17202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yfAO4huZvzdrZ9rpZubW7RKAb%2FWD51OCLj8l9cQv8mkb9FGV%2FmJYvWtxQPxArSlzxOxpNKtGxXDQ%2F%2BWvgOk5bg%2BWgX6RtQRGSVDw5KTpUd%2BS0UXFqlB3XhlVAlY1AmL3%2Ff0F8eY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796da8e4ee7d06d9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/style-engine.min.js?ver=10341d6e6decffab850e
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/style-engine.min.js?ver=10341d6e6decffab850e
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/style-engine.min.js?ver=10341d6e6decffab850e HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 04 Oct 2022 15:06:52 GMT
etag: W/"633c4c0c-14a5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e31ff3b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-post-author/assets/dist/frontend.build.js?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/dist/frontend.build.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/wp-post-author/assets/dist/frontend.build.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:04 GMT
etag: W/"638e4dc4-51bac"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e32813b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/server-side-render.min.js?ver=ba8027ee85d65ae23ec7
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/server-side-render.min.js?ver=ba8027ee85d65ae23ec7
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/server-side-render.min.js?ver=ba8027ee85d65ae23ec7 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-df9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e32807b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/css/animate.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/css/animate.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald/css/animate.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-ce35"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2af42b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-post-author/assets/js/awpa-frontend-scripts.js?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/js/awpa-frontend-scripts.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/wp-post-author/assets/js/awpa-frontend-scripts.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:01 GMT
etag: W/"638e4dc1-2d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2cf79b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 27 Jan 2023 02:45:12 GMT
etag: W/"63d33ab8-14d6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e2bf5eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/awsm-team-pro/js/team.min.js?ver=1.10.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/awsm-team-pro/js/team.min.js?ver=1.10.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/awsm-team-pro/js/team.min.js?ver=1.10.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:12 GMT
etag: W/"638e4dcc-de40"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e34834b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js?ver=6.1.1
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js?ver=6.1.1
IP 104.18.10.207:0
GET /bootstrap/4.4.1/js/bootstrap.min.js?ver=6.1.1 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"61f338f870fcd0ff46362ef109d28533"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/18/2022 19:50:46
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f242ad709ec011a9d3ea214a585d834e
cdn-cache: HIT
cf-cache-status: HIT
age: 7408181
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 796da8e40883b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css?ver=6.1.1
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css?ver=6.1.1
IP 104.18.10.207:0
GET /font-awesome/4.6.1/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"89916fa773ce96569604016ef25cab50"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/20/2022 04:26:30
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 656de820dc0eef756f64448f8715e42f
cdn-cache: HIT
cf-cache-status: HIT
age: 4193416
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 796da8e428acb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/wordcount.min.js?ver=feb9569307aec24292f2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/wordcount.min.js?ver=feb9569307aec24292f2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/wordcount.min.js?ver=feb9569307aec24292f2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-a44"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e31ff5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/components.min.js?ver=4b876f1ff2e5c93b8fb1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/components.min.js?ver=4b876f1ff2e5c93b8fb1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/components.min.js?ver=4b876f1ff2e5c93b8fb1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: W/"636e62ad-9cb97"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e30fdcb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/editor.min.js?ver=c9102d37531f38da0681
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/editor.min.js?ver=c9102d37531f38da0681
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/editor.min.js?ver=c9102d37531f38da0681 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Oct 2022 11:30:32 GMT
etag: W/"634fdfd8-23001"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e32808b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/priority-queue.min.js?ver=99e325da95c5a35c7dc2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/priority-queue.min.js?ver=99e325da95c5a35c7dc2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/priority-queue.min.js?ver=99e325da95c5a35c7dc2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-e30"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2efa9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/keycodes.min.js?ver=6e0aadc0106bd8aadc89
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/keycodes.min.js?ver=6e0aadc0106bd8aadc89
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/keycodes.min.js?ver=6e0aadc0106bd8aadc89 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-1077"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2efa8b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
libs.salemove.com/visitor-app.9eff7c18.min.js
54.230.111.104200 OK 0 B URL HTTP/2 libs.salemove.com/visitor-app.9eff7c18.min.js
IP 54.230.111.104:0
GET /visitor-app.9eff7c18.min.js HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 07 Feb 2023 08:13:06 GMT
last-modified: Tue, 07 Feb 2023 06:59:15 GMT
etag: W/"2766a25c66d4a9f0cae524d7ce8dcc34"
x-amz-meta-s3cmd-attrs: md5:2766a25c66d4a9f0cae524d7ce8dcc34
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p1mKwqFBNFDbc9YEWlK-cBE2DkmEY2XXZIR6G9ayQzMiv6vkT5wP1A==
age: 199184
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald-child/js/child-theme.js?ver=2.0.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald-child/js/child-theme.js?ver=2.0.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald-child/js/child-theme.js?ver=2.0.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 24 Jan 2023 21:45:24 GMT
etag: W/"63d05174-1107"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e3381eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-timelines/css/font-awesome/css/font-awesome.min.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/wp-timelines/css/font-awesome/css/font-awesome.min.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/wp-timelines/css/font-awesome/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:59 GMT
etag: W/"638e4dbf-791c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e29f28b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 06 Oct 2022 18:57:22 GMT
etag: W/"633f2512-e249"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: MISS
server: cloudflare
cf-ray: 796da8e30fd1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: W/"625596ef-1ce9e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e2ef9db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-473"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2ef9eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/warning.min.js?ver=4acee5fc2fd9a24cefc2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/warning.min.js?ver=4acee5fc2fd9a24cefc2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/warning.min.js?ver=4acee5fc2fd9a24cefc2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-188"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e30fdab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.2 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-d4a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e34837b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/lib/owl-carousel/owl.theme.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/lib/owl-carousel/owl.theme.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald/lib/owl-carousel/owl.theme.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-681"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2af46b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-115ba"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e2cf7bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-9cc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e30fcfb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/block-editor.min.js?ver=0c7c9b9a74ceb717d6eb
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/block-editor.min.js?ver=0c7c9b9a74ceb717d6eb
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/block-editor.min.js?ver=0c7c9b9a74ceb717d6eb HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: W/"636e62ad-8c126"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e31ff9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald-child/slick/slick.min.js?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald-child/slick/slick.min.js?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald-child/slick/slick.min.js?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 06 Dec 2022 22:49:50 GMT
etag: W/"638fc70e-a76f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e3281ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 15:32:47 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+645; expires=Sat, 08-Feb-2025 15:32:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-459f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2cf80b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/html-entities.min.js?ver=36a4a255da7dd2e1bf8e
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/html-entities.min.js?ver=36a4a255da7dd2e1bf8e
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/html-entities.min.js?ver=36a4a255da7dd2e1bf8e HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-345"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e30fcab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/url.min.js?ver=bb0ef862199bcae73aa7 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Oct 2022 11:30:32 GMT
etag: W/"634fdfd8-23bb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e30fdfb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/deprecated.min.js?ver=6c963cb9494ba26b77eb
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/deprecated.min.js?ver=6c963cb9494ba26b77eb
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/deprecated.min.js?ver=6c963cb9494ba26b77eb HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-32c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2df9ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/redux-routine.min.js?ver=c9ea6c0df793258797e6
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/redux-routine.min.js?ver=c9ea6c0df793258797e6
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/redux-routine.min.js?ver=c9ea6c0df793258797e6 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-241a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2efacb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/shortcode.min.js?ver=7539044b04e6bca57f2e
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/shortcode.min.js?ver=7539044b04e6bca57f2e
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/shortcode.min.js?ver=7539044b04e6bca57f2e HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-cd1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e30fcbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/preferences-persistence.min.js?ver=c5543628aa7ff5bd5be4
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/preferences-persistence.min.js?ver=c5543628aa7ff5bd5be4
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/preferences-persistence.min.js?ver=c5543628aa7ff5bd5be4 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 15 Sep 2022 16:45:40 GMT
etag: W/"632356b4-1a3a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e31801b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/covidresponse/
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/covidresponse/
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /covidresponse/ HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
link: <https://rallycu.com/wp-json/>; rel="https://api.w.org/", <https://rallycu.com/wp-json/wp/v2/pages/11199>; rel="alternate"; type="application/json", <https://rallycu.com/?p=11199>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 8
x-cache-group: normal
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 796da8e0bc8fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/css/classic-themes.min.css?ver=1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/css/classic-themes.min.css?ver=1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
etag: W/"6357e86c-d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e29f26b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald-child/style.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald-child/style.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald-child/style.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 07 Feb 2023 21:37:25 GMT
etag: W/"63e2c495-f023"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2bf4eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
etag: W/"632879b8-15e54"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2cf70b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C100%3B0%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C100%3B1%2C400%3B1%2C500%3B1%2C700&display=swap&ver=6.1.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Barlow%3Aital%2Cwght%400%2C100%3B0%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C100%3B1%2C400%3B1%2C500%3B1%2C700&display=swap&ver=6.1.1
IP 142.250.74.74:0
GET /css2?family=Barlow%3Aital%2Cwght%400%2C100%3B0%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B0%2C900%3B1%2C100%3B1%2C400%3B1%2C500%3B1%2C700&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 15:32:47 GMT
date: Thu, 09 Feb 2023 15:32:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-post-author/assets/fontawesome/css/all.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/fontawesome/css/all.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/wp-post-author/assets/fontawesome/css/all.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:01 GMT
etag: W/"638e4dc1-d122"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e28f20b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-132e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2df97b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/blob.min.js?ver=a078f260190acf405764
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/blob.min.js?ver=a078f260190acf405764
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/blob.min.js?ver=a078f260190acf405764 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-3b8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e2cf82b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/data.min.js?ver=d8cf5b24f99c64ae47d6
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/data.min.js?ver=d8cf5b24f99c64ae47d6
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/data.min.js?ver=d8cf5b24f99c64ae47d6 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-663e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e30fc9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/blocks.min.js?ver=69022aed79bfd45b3b1d
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/blocks.min.js?ver=69022aed79bfd45b3b1d
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/blocks.min.js?ver=69022aed79bfd45b3b1d HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Oct 2022 11:30:32 GMT
etag: W/"634fdfd8-2913f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
server: cloudflare
cf-ray: 796da8e30fcdb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/wp-post-author/assets/css/react-date-range/styles.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/wp-post-author/assets/css/react-date-range/styles.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/wp-post-author/assets/css/react-date-range/styles.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 20:00:01 GMT
etag: W/"638e4dc1-cb8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e29f2fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/plugins/bwl-advanced-faq-manager-lite/assets/styles/frontend.css?ver=1.0.6
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/plugins/bwl-advanced-faq-manager-lite/assets/styles/frontend.css?ver=1.0.6
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/plugins/bwl-advanced-faq-manager-lite/assets/styles/frontend.css?ver=1.0.6 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 27 Jan 2023 02:30:31 GMT
etag: W/"63d33747-2f23"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2bf50b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-includes/js/dist/autop.min.js?ver=43197d709df445ccf849
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-includes/js/dist/autop.min.js?ver=43197d709df445ccf849
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-includes/js/dist/autop.min.js?ver=43197d709df445ccf849 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-166a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122351
server: cloudflare
cf-ray: 796da8e2cf81b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rallycu.com/wp-content/themes/mdr-emerald/css/overrides.css?ver=6.1.1
141.193.213.20200 OK 0 B URL HTTP/2 rallycu.com/wp-content/themes/mdr-emerald/css/overrides.css?ver=6.1.1
IP 141.193.213.20:0
ASN #209242 Cloudflare London, LLC
GET /wp-content/themes/mdr-emerald/css/overrides.css?ver=6.1.1 HTTP/1.1
Host: rallycu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/covidresponse/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 15:32:47 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 19:59:56 GMT
etag: W/"638e4dbc-6ba8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 122352
server: cloudflare
cf-ray: 796da8e2bf4db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
libs.salemove.com/visitor-app.9eff7c18.default.css
54.230.111.104200 OK 0 B URL HTTP/2 libs.salemove.com/visitor-app.9eff7c18.default.css
IP 54.230.111.104:0
GET /visitor-app.9eff7c18.default.css HTTP/1.1
Host: libs.salemove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rallycu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Tue, 07 Feb 2023 08:13:06 GMT
last-modified: Tue, 07 Feb 2023 06:59:16 GMT
etag: W/"e3c368308d2549c22efd3b5cf7add0ae"
x-amz-meta-s3cmd-attrs: md5:e3c368308d2549c22efd3b5cf7add0ae
cache-control: max-age=31536000
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8NSWc4KXI9JAgWrXgzD3MM6iwryBS6s4tBtixdXp9GopHJ7O9CKkzQ==
age: 199184
X-Firefox-Spdy: h2