Overview

URL link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiNmxsQ1cxRDJDcWl6ek9QZ2ZnZVQiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6Ikp0eEc0UEQ4MkxIN05YYkFLTTkwIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiZWFlZDMzNGItMGIzMC00OWUwLTllOTEtZDEyYmFkMzdjOTVmIn0=
IP34.70.111.192
ASNGOOGLE
Location United States
Report completed2022-10-03 17:17:32 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-03 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0 (...) Phishing
2022-10-03 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0 (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS renderer-assets.typeform.com (7) 46243 2020-10-28 09:45:33 UTC 2022-10-03 08:18:09 UTC 143.204.55.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 14:54:54 UTC 143.204.55.115
mnemonic passive DNS go.1kday.com (1) 0 2022-04-12 20:52:48 UTC 2022-10-03 15:35:06 UTC 34.68.234.4 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-03 14:22:39 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 13:17:20 UTC 93.184.220.29
mnemonic passive DNS services.msgsndr.com (3) 90440 2020-05-21 19:41:22 UTC 2022-10-03 13:19:16 UTC 34.98.115.9
mnemonic passive DNS form.typeform.com (1) 72651 2020-06-16 11:44:05 UTC 2022-10-03 09:01:53 UTC 104.18.41.163
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS rudderstack.cdp.prod.data.typeform.com (4) 78304 2022-02-16 08:13:15 UTC 2022-10-03 08:18:17 UTC 3.213.216.220
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 44.228.207.167
mnemonic passive DNS stcdn.leadconnectorhq.com (14) 0 2022-07-18 20:27:12 UTC 2022-10-03 07:25:00 UTC 35.244.153.18 Domain (leadconnectorhq.com) ranked at: 85002
mnemonic passive DNS 1kday.com (1) 0 2017-05-09 20:45:32 UTC 2022-10-02 13:50:49 UTC 104.21.68.48 Unknown ranking
mnemonic passive DNS fresnel.vimeocdn.com (1) 3128 2014-12-13 09:04:00 UTC 2022-10-03 05:26:04 UTC 34.120.202.204
mnemonic passive DNS rudderstack-control-plane.cdp.prod.data.typeform.com (2) 84166 2022-02-15 17:37:23 UTC 2022-10-03 08:18:12 UTC 18.209.217.52
mnemonic passive DNS ocsp.pki.goog (20) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS assets.cdn.msgsndr.com (2) 248076 2021-11-30 07:47:05 UTC 2022-10-02 19:25:08 UTC 35.244.153.18
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.49
mnemonic passive DNS use.fontawesome.com (3) 942 2017-01-30 04:43:25 UTC 2022-10-03 09:29:26 UTC 172.64.133.15
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.77.32
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-03 14:22:41 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS cdn.rudderlabs.com (1) 19160 2020-11-19 22:24:42 UTC 2022-10-03 07:28:48 UTC 54.230.111.127
mnemonic passive DNS f.vimeocdn.com (3) 3234 2014-04-09 18:24:34 UTC 2022-10-03 05:22:35 UTC 151.101.86.109
mnemonic passive DNS i.vimeocdn.com (2) 3126 2014-03-27 22:24:57 UTC 2022-10-03 05:22:35 UTC 151.101.86.109
mnemonic passive DNS link.1kday.com (2) 0 2021-07-21 22:10:31 UTC 2022-10-03 15:34:59 UTC 34.70.111.192 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
mnemonic passive DNS embed.typeform.com (2) 30985 2019-06-21 14:28:23 UTC 2022-10-03 07:23:50 UTC 54.230.111.51


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.70.111.192

Date UQ / IDS / BL URL IP
2022-12-05 19:16:23 +0000
0 - 0 - 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NW (...) 34.70.111.192
2022-12-03 10:17:26 +0000
1 - 0 - 0 link.klinks.in/r/1/eyJsaW5rX2lkIjoibTRBT2VHU3 (...) 34.70.111.192
2022-12-01 21:15:49 +0000
0 - 0 - 3 link.1kday.com/l/H0w5POsCs 34.70.111.192
2022-11-21 21:21:07 +0000
0 - 0 - 2 link.leadific.io/r/1/eyJsaW5rX2lkIjoiWU9WczNq (...) 34.70.111.192
2022-11-16 13:24:39 +0000
0 - 0 - 3 link.thirdentry.com/l/CKK7PKTZEh 34.70.111.192

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-09 05:39:00 +0000
0 - 0 - 4 ow5dirasuek.com/255/790.html 35.205.61.67
2022-12-09 05:38:51 +0000
0 - 0 - 1 nnsclub.blogspot.ru/2012/06/kuchiyose-sanju-r (...) 172.217.21.161
2022-12-09 05:38:17 +0000
0 - 0 - 3 akirayannes.blogspot.ca/search/label/Two 172.217.21.161
2022-12-09 05:34:51 +0000
0 - 0 - 3 49celcius.blogspot.de/search/label/Cindy 142.250.74.33
2022-12-09 05:27:03 +0000
0 - 0 - 1 barthsdoggypottypads.com/ 34.98.99.30

Last 5 reports on domain: 1kday.com

Date UQ / IDS / BL URL IP
2022-12-05 19:16:23 +0000
0 - 0 - 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NW (...) 34.70.111.192
2022-12-01 21:15:49 +0000
0 - 0 - 3 link.1kday.com/l/H0w5POsCs 34.70.111.192
2022-10-21 15:13:23 +0000
0 - 0 - 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiV3I5U1pPbE (...) 34.70.111.192
2022-10-20 19:15:36 +0000
0 - 0 - 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NW (...) 34.70.111.192
2022-10-05 20:45:25 +0000
0 - 0 - 3 link.1kday.com/l/1HJGa9YIX 34.70.111.192

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-05 19:16:23 +0000
0 - 0 - 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NW (...) 34.70.111.192
2022-12-01 21:15:49 +0000
0 - 0 - 3 link.1kday.com/l/H0w5POsCs 34.70.111.192
2022-10-20 19:15:36 +0000
0 - 0 - 2 link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NW (...) 34.70.111.192
2022-10-05 20:45:19 +0000
0 - 0 - 3 link.1kday.com/l/ToNAZuIPM5 34.70.111.192
2022-10-04 09:21:16 +0000
0 - 0 - 3 link.1kday.com/l/5M7harrFYl 34.70.111.192


JavaScript

Executed Scripts (30)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (92)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 17:16:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e06ru_dc_jUk0bPVIZu_97DnF16k0e28dSFdho7FJl6NjuHRt9hX6w==
Age: 26


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiNmxsQ1cxRDJDcWl6ek9QZ2ZnZVQiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6Ikp0eEc0UEQ4MkxIN05YYkFLTTkwIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiZWFlZDMzNGItMGIzMC00OWUwLTllOTEtZDEyYmFkMzdjOTVmIn0= HTTP/1.1 
Host: link.1kday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.70.111.192
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Mon, 03 Oct 2022 17:17:21 GMT
Content-Length: 166
Connection: keep-alive
Location: https://link.1kday.com/r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiNmxsQ1cxRDJDcWl6ek9QZ2ZnZVQiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6Ikp0eEc0UEQ4MkxIN05YYkFLTTkwIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiZWFlZDMzNGItMGIzMC00OWUwLTllOTEtZDEyYmFkMzdjOTVmIn0=


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    3ea1c8d079b38532a6e01a96216ba5e2
Sha1:   598d3ff91d3e252f1e13df8cf0348b270ff2da3f
Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7869
Expires: Mon, 03 Oct 2022 19:28:30 GMT
Date: Mon, 03 Oct 2022 17:17:21 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hpZ93erarhENLtkPmYyfgR1b-UCl-m8Ys2MwPMpH0If2GQMouVY53w==
age: 42534
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 17:17:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 16:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 16:58:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: deSKX2k0toyPMPCGTOfkYOox-w4sG9Qc886R0j70KM8feNiUvIKzcw==
Age: 2869


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4189
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 17:17:22 GMT
Last-Modified: Mon, 03 Oct 2022 16:07:34 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E//5acYF7dpUq8Rg3W/fUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.228.207.167
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LgE+/v632vdNtBdZzdi/Dqwgqhg=

                                        
                                            GET /r/1/eyJsaW5rX2lkIjoiNjJJM211NWloalZXeHhucUFQbFoiLCJjb250YWN0X2lkIjoiNmxsQ1cxRDJDcWl6ek9QZ2ZnZVQiLCJtZXNzYWdlVHlwZSI6InNtcyIsIm1lc3NhZ2VJZCI6Ikp0eEc0UEQ4MkxIN05YYkFLTTkwIiwid29ya2Zsb3dfc3RhdHVzX2lkIjoiZWFlZDMzNGItMGIzMC00OWUwLTllOTEtZDEyYmFkMzdjOTVmIn0= HTTP/1.1 
Host: link.1kday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         34.70.111.192
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Mon, 03 Oct 2022 17:17:23 GMT
content-length: 294
location: https://go.1kday.com/1-landing-page-2813?sessionId=fce827a0-06a2-4e9f-9760-0e7880960785&trigger_link=62I3mu5ihjVWxxnqAPlZ
x-powered-by: Express
access-control-allow-origin: *
vary: Accept
x-cloud-trace-context: b09cf1644dd970cc4e44bfa578aac0bd
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   294
Md5:    345aae164b43fe63b1619d01291672a2
Sha1:   6e6daa3fa6f06ba26db7d1d27b24bd1527f79679
Sha256: 9c4200c840e6abeba217f801019f5a40b45f9fec509e2aedf046572fd56e9a79

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /1-landing-page-2813?sessionId=fce827a0-06a2-4e9f-9760-0e7880960785&trigger_link=62I3mu5ihjVWxxnqAPlZ HTTP/1.1 
Host: go.1kday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         34.68.234.4
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Mon, 03 Oct 2022 17:17:23 GMT
content-length: 23774
x-powered-by: Express
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=120
etag: W/"5cde-9efhLJaPYZTe5Akf9gS6SOMHANU"
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14053)
Size:   23774
Md5:    c355353d3162911f0a4091f8d64dadb2
Sha1:   f5e7e12c968f6194dee4091ff604ba48e30700d5
Sha256: a0ee5d0fe47aa9289dbfac4398319808b743224d2468c12ae18b85728b2002cf
                                        
                                            POST /s/gts1d4/SLmdkGPlh-s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/SLmdkGPlh-s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/SLmdkGPlh-s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/SLmdkGPlh-s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_preview/calendar.d9f2ca87.css HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: text/css
                                        
x-guploader-uploadid: ADPycdsfAWgcFfulz7nE-wWuaCePgcOgg2JJYEeERapvpr7LYKl8dsbAJPjLF03wz54XymcJ1HcQbKwsQcLHiNWcZk05pw
x-goog-generation: 1662737216324866
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 279
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=Sb4yNw==, md5=/+LxJoNZZFtRURjKo7833A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 279
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Sun, 11 Sep 2022 07:18:42 GMT
expires: Mon, 11 Sep 2023 07:18:42 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 09 Sep 2022 15:26:56 GMT
etag: "ffe2f1268359645b515118caa3bf37dc"
age: 1936721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (775)
Size:   279
Md5:    ffe2f1268359645b515118caa3bf37dc
Sha1:   bf9201c1afc95b39a53e98b677975fea5da5de62
Sha256: 8c7c5e0999e89fb6d794bdcb3d69e40462c8cfa31f4cf08488258b6b7f00d3d2
                                        
                                            GET /_preview/default.f5865b9f.css HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: text/css
                                        
x-guploader-uploadid: ADPycdtp3_3i16ARIixeiWUSYl4Lu6Ofozqmh8W3Ig86jgt66Eyab4QDM9WGIB6t9NnLONHJhz_ee8nPsRTtiJDhzqe58HeoxD8d
x-goog-generation: 1662737208175326
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 281
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=13+VkA==, md5=iBu2HiedSfUHnh88yDjpzA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 281
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Sun, 11 Sep 2022 07:18:42 GMT
expires: Mon, 11 Sep 2023 07:18:42 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 09 Sep 2022 15:26:48 GMT
etag: "881bb61e279d49f5079e1f3cc838e9cc"
age: 1936721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (443)
Size:   281
Md5:    881bb61e279d49f5079e1f3cc838e9cc
Sha1:   34a3ef29c59c581ee9aa01b57b5389e615b5225e
Sha256: a09c4df0619865adfe5fe92f91f190ed54f5807136cdea883098201e30540bed
                                        
                                            GET /_preview/entry.23c14065.css HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: text/css
                                        
x-guploader-uploadid: ADPycdvM3vA2Z532jiylQlyc2Haqdeuo9yhea200A2XL0gpWYgxy_6CdE0kAwhgj1p6QtVxNlc3Gyj-9TeeqXWtqo8XnHV8K9ZIT
x-goog-generation: 1664355179097705
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 26544
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=kWxAIg==, md5=7G/WLKLDRsp2JQyie6wKEg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 26544
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Wed, 28 Sep 2022 08:56:31 GMT
expires: Thu, 28 Sep 2023 08:56:31 GMT
cache-control: public, no-transform, immutable, max-age=31536000
age: 462052
last-modified: Wed, 28 Sep 2022 08:52:59 GMT
etag: "ec6fd62ca2c346ca76250ca27bac0a12"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   26544
Md5:    ec6fd62ca2c346ca76250ca27bac0a12
Sha1:   74b4aee1e1380794654b039cd66a70334d927f32
Sha256: ea1ab3d44e3a92afb2e72526976a64f83a1dcad086f656559502e0a30bfeee42
                                        
                                            GET /_preview/form.d931b5a1.css HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: text/css
                                        
x-guploader-uploadid: ADPycdsOcJ15wi0EH2JTX6SF_LPaO2AZj6nMP88d6cN8zXP_ES7x8Bdp09a-5Tj9ZHJLQewBPdYr60ny7EPLKlxinkvPQF850UDY
x-goog-generation: 1662737215161705
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 94
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=xrIpzg==, md5=BCn/vASMP45myy1egKWi1w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 94
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Sun, 11 Sep 2022 07:18:42 GMT
expires: Mon, 11 Sep 2023 07:18:42 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Fri, 09 Sep 2022 15:26:55 GMT
etag: "0429ffbc048c3f8e66cb2d5e80a5a2d7"
age: 1936721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   94
Md5:    0429ffbc048c3f8e66cb2d5e80a5a2d7
Sha1:   dd180f49896f991625660db10652f7d382630bf4
Sha256: 95b10e90f827636ab0dabdbc7b69214c66bc0ee1fa2d17a97314b40557afaa20
                                        
                                            GET /_preview/default-16558a3b.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdvST4wcv7KijzrM_sfRuCOrAIT7TZqjUnHQvKeKE-LyD8Ip3FlltyomxK14P80BzZcv9XBNoc-HQRFBq_7YfgX7hwV3cn7g
x-goog-generation: 1664355180342391
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 512
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=K6BZAw==, md5=h+qi6SIGFaYlGOaStxSLvg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 512
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 09:23:16 GMT
expires: Thu, 28 Sep 2023 09:23:16 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Wed, 28 Sep 2022 08:53:00 GMT
etag: "87eaa2e9220615a62518e692b7148bbe"
age: 460447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Java source, ASCII text, with very long lines (838)
Size:   512
Md5:    87eaa2e9220615a62518e692b7148bbe
Sha1:   21ec1f9071b3bf76d97fabb171a1a9a79199c97b
Sha256: 82f25561aa8569ad88ab73a95ad3ca67c221bb8668e8d8b7a1bd4d86134f7d9b
                                        
                                            GET /_preview/index-3584372b.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycds5Su_T1WCZ6sotJCo_ArAipVO37KhWI2IikbHz8D2stmZk_Jc2NMmMcvkV3ngE8oOhE5uGgzGLgG3O6_s6AvPd
x-goog-generation: 1664355187722606
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 57260
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=U1gEUA==, md5=JrBKEJeC/Esj6H/vm7tYgQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 57260
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Wed, 28 Sep 2022 09:22:30 GMT
expires: Thu, 28 Sep 2023 09:22:30 GMT
cache-control: public, no-transform, immutable, max-age=31536000
age: 460493
last-modified: Wed, 28 Sep 2022 08:53:07 GMT
etag: "26b04a109782fc4b23e87fef9bbb5881"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (41755)
Size:   57260
Md5:    26b04a109782fc4b23e87fef9bbb5881
Sha1:   833188a60ba7a1d553e0192d1b479ec38f77519f
Sha256: a7bccf2e6afb2ef6987ccf6110a9dae2e5e4b2d18fcd684956faf632500c5d79
                                        
                                            GET /_preview/index-0750bd6a.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdtUlwOzLNwAJS9nYL6qjZIWYSaQpgHlWGuPn744lN95_MA7HEQCz1KmBoBevtBj-5w_IFqyyL9L88OtUX1_G-1oww
x-goog-generation: 1664355188972023
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 327
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=+K0ubg==, md5=B/yUA5DjKtplgPf6gifCww==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 327
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 09:03:23 GMT
expires: Thu, 28 Sep 2023 09:03:23 GMT
cache-control: public, no-transform, immutable, max-age=31536000
age: 461640
last-modified: Wed, 28 Sep 2022 08:53:09 GMT
etag: "07fc940390e32ada6580f7fa8227c2c3"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Java source, ASCII text, with very long lines (489)
Size:   327
Md5:    07fc940390e32ada6580f7fa8227c2c3
Sha1:   6aa59998e3c94d4928a750ffb21a8ef51abfaeac
Sha256: 7bfda26e0c23e229dd028941952c39a66846ccc2ee7de7fe5e39db13ec324214
                                        
                                            POST /s/gts1d4/SLmdkGPlh-s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/XD8U8fpFv8M HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /muBKRmyiIz7rQZKHHloS/media/38fb046c-4a4f-4c50-966d-8da0d831b12b.gif HTTP/1.1 
Host: assets.cdn.msgsndr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: image/gif
                                        
x-guploader-uploadid: ADPycdtXzZzRUBEfa-eTbyJHUsszCoFGXk15t_P9ekvqRf_qdYeXtKlUuL_98oC98nn1N8hoIAj90-oYWV1Noo7bz-i7
x-goog-generation: 1649454180638844
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14050
x-goog-meta-custom: metadata
x-goog-hash: crc32c=gDnKqQ==, md5=FgkHAsBNsttiEOMeqVbJqw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 14050
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Sun, 02 Oct 2022 13:50:37 GMT
cache-control: public,max-age=31622400
last-modified: Fri, 08 Apr 2022 21:43:00 GMT
etag: "16090702c04db2db6210e31ea956c9ab"
age: 98807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 850 x 49\012- data
Size:   14050
Md5:    16090702c04db2db6210e31ea956c9ab
Sha1:   d432e8702bb72fb4ae7ac0bad0d094151d3b1b0a
Sha256: 3c82987bb6b7f8c9d0c8c6b659b248b607ff7b996ef0fb58c389c5c0dab15d8b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_preview/index-3747b7dc.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdskcWQKm0r42motWChuTPaP1mG7WJicPxTnCGcofum1Oq8asZlMEXq1hYtwez5JEQQyNNNN7e_BEOEIDn9ja1qu
x-goog-generation: 1664355185956065
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14069
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=V0LDyw==, md5=LQv6yVPIae8yfaHIQ0dGiA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 14069
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 09:03:23 GMT
expires: Thu, 28 Sep 2023 09:03:23 GMT
cache-control: public, no-transform, immutable, max-age=31536000
age: 461641
last-modified: Wed, 28 Sep 2022 08:53:05 GMT
etag: "2d0bfac953c869ef327da1c843474688"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43194)
Size:   14069
Md5:    2d0bfac953c869ef327da1c843474688
Sha1:   2e3485f791fa6fdf6011999a5ef296f40e840248
Sha256: 8e536e5f3035fd8f7f5667c1f61f0f659139f56dbf92cc7bd53384ff3b2ab1b6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v5.15.4/css/regular.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 03 Oct 2022 17:17:23 GMT
x-amz-id-2: 7QHwgDPdawJJ6qkB0unQ/zQe+xJspgRcYT+DXAOd3UAnLk7ITBI5cdoPIxTBJX4dc2biwUeSrjc=
x-amz-request-id: HHYXGHX4M304WSGJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"49c10bd7921f287bbd5b1180cb008e10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2527405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7cpIbbOpA7bEgnIcy8DxNoyqkjU4peQS%2B4so4rQBLNee2ZfHzebHHdLVnvKn7DCx837VrBGDJFHR5HTvspwk04wmnFvvPVAs0Lue2NaI%2F0xbsNvhcJWIR%2Fm8KOsW1%2By5GgXaoUE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754754c01dbe73ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (491)
Size:   12496
Md5:    8382f97d81acee8e0c352d2208c34563
Sha1:   15b4e8d34125767182e8a457f04c1db70403e152
Sha256: 0b32e85b273a9e04b8f69eef82bc1c1daddea5a4a096aa854196aebb9a888535
                                        
                                            GET /_preview/HLConst-8876f720.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycduiwwWBy7MaHcm3cB5PY-L5DU6XycxJi8J7V2HCJ7Xr-CRjM3QNejPzIZtsFLIvHVg_B7xYZluVPyb_46IGcSLyxY9SThiM
x-goog-generation: 1663241943307807
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 614
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=jwT+Fw==, md5=1xcKbm7bWr9bY0TlVjR16A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 614
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 15 Sep 2022 16:23:24 GMT
expires: Fri, 15 Sep 2023 16:23:24 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Thu, 15 Sep 2022 11:39:03 GMT
etag: "d7170a6e6edb5abf5b6344e5563475e8"
age: 1558440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1046)
Size:   614
Md5:    d7170a6e6edb5abf5b6344e5563475e8
Sha1:   5616cf55805bbb7369727a399ef17269676d998e
Sha256: b8507ab46ac956c313f77c65170b2f5da3e1eaea5de916d44348671cef890ed3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_preview/TextElement-15a05a68.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdujewqU3d6NQ-w7VsGPXdnVQ8tnLZOhwsNhvtuVLGNdICe6BunhF-byAJ4oSId79p0N_9Hml4U7hFCZOdxfCyylLg
x-goog-generation: 1664355183889128
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 20050
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=TMTqnw==, md5=5LeZufolLxYqOg34DwIPpA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 20050
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 08:56:31 GMT
expires: Thu, 28 Sep 2023 08:56:31 GMT
cache-control: public, no-transform, immutable, max-age=31536000
age: 462053
last-modified: Wed, 28 Sep 2022 08:53:03 GMT
etag: "e4b799b9fa252f162a3a0df80f020fa4"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57874)
Size:   20050
Md5:    e4b799b9fa252f162a3a0df80f020fa4
Sha1:   d832adcb3181305860dbbfdaddb4e4f504a3a390
Sha256: be941f3d3090792fd87350113514a7b71ea5c0c1bfef8913dfde1c32ed828af3
                                        
                                            GET /_preview/CalendarComponentv3-c7bfda78.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdtdA2IFs3psOugPTtB15q3aZwA6_bs5HPrTrp_XaVvofcjtcONqinCAgf3QuOoQfdaBHVJ9HZJWyWUOTInHEyhOIH4ab3WP
x-goog-generation: 1664355175726252
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13462
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=V/mKqg==, md5=NmZ/djJ1OnbVF+czmVvnTg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 13462
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 09:23:16 GMT
expires: Thu, 28 Sep 2023 09:23:16 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Wed, 28 Sep 2022 08:52:55 GMT
etag: "36667f7632753a76d517e733995be74e"
age: 460448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (41362)
Size:   13462
Md5:    36667f7632753a76d517e733995be74e
Sha1:   88d4f82a55c5268a5f6c1e45dcd292cc33163010
Sha256: ae71f0621de5be1c4f9ae4646a4fa070a250b12814b123ec02c0aface3adf4d4
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 423796
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /_preview/CalendarComponent-88577a4b.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdsDoydT2e-RXv6BGGrTk7bS6rrWO5882uojyvydlAnRPgCOkK9reZGj9ADOIIUetbd6s5bN3Z06cTMQ9dUAVWp0eQ
x-goog-generation: 1664355190138346
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10482
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=ZgE6tA==, md5=lpEcaQBEAtMNhPGOOqGtNg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 10482
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 09:23:16 GMT
expires: Thu, 28 Sep 2023 09:23:16 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Wed, 28 Sep 2022 08:53:10 GMT
etag: "96911c69004402d30d84f18e3aa1ad36"
age: 460448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32404)
Size:   10482
Md5:    96911c69004402d30d84f18e3aa1ad36
Sha1:   bd25284a72f65fe6137215244461c2b090fa66ae
Sha256: 7d05af5059ecf62bc04c4e350c4f40c9d39aea250c58c5fc1e554d0ca0add5d5
                                        
                                            GET /_preview/surveyComponent-89a5f850.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://stcdn.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdspLgm_Jk8TppI_laEJti6gkHDRF5riLweqMvqdy9CLLdObE6aegfZYj-ehJADVTAv0ajfdXuy8xb95uffEHwzl
x-goog-generation: 1664355184523445
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 11208
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=tpq5tQ==, md5=J4F0xiuGWjLu3IjOBLdGKg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11208
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 09:23:16 GMT
expires: Thu, 28 Sep 2023 09:23:16 GMT
cache-control: public, no-transform, immutable, max-age=31536000
last-modified: Wed, 28 Sep 2022 08:53:04 GMT
etag: "278174c62b865a32eedc88ce04b7462a"
age: 460448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (40288)
Size:   11208
Md5:    278174c62b865a32eedc88ce04b7462a
Sha1:   1b4a0111e7536b0757ea473bc216d3c63b4c55ec
Sha256: 674af2e6c000e1bbe64b982c3e6e832f137568b797f36b6c54c219eddf2bde56
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 223709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/XD8U8fpFv8M HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 423796
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:13:12 GMT
expires: Tue, 26 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 590652
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size:   46524
Md5:    c1fd378f54921c75e4ae1821e7b8fff6
Sha1:   2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
Sha256: 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9852
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 17:17:24 GMT
Connection: keep-alive

                                        
                                            GET /muBKRmyiIz7rQZKHHloS/media/62505a0040dc5d00cad3fcd3.png HTTP/1.1 
Host: assets.cdn.msgsndr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: image/png
                                        
x-guploader-uploadid: ADPycdsDXRuebRWcvW6lWZZcRblQhLohPh0odIZ_amnJe_XnaxJIXw-V8Kl2YlgYcpQF078qQWlu-61ioFXtgnlaGkC4
x-goog-generation: 1649433091565869
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 136803
x-goog-hash: crc32c=0OWL/Q==, md5=6VhsrdtIFkVMPOe9ycBWLQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 136803
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Sun, 02 Oct 2022 13:50:37 GMT
cache-control: public,max-age=31622400
last-modified: Fri, 08 Apr 2022 15:51:31 GMT
etag: "e9586caddb4816454c3ce7bdc9c0562d"
age: 98807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9852
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 17:17:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9852
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 17:17:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 70248
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 45273
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 70248
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:41:17 GMT
age: 2167
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 69546
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DZ6ZMlje50ktV6_cABRx3fr4Dke7Z2UhNhBDi1aCK00kRPTlnG691A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 03:36:14 GMT
age: 49270
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10490
Md5:    bed17699f6b123b33b8df416b23c4cac
Sha1:   36458cca636c4ffc873df8acd254ff726b1a9544
Sha256: 65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
                                        
                                            POST /s/gts1d4/8SUWZOKhA0s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/8SUWZOKhA0s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ch2/assets/ch2-favi-gold.png HTTP/1.1 
Host: 1kday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         104.21.68.48
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 03 Oct 2022 17:17:24 GMT
content-length: 4489
last-modified: Thu, 27 Jan 2022 16:51:00 GMT
cache-control: max-age=2592000
expires: Mon, 31 Oct 2022 22:18:30 GMT
cf-cache-status: HIT
age: 154734
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8UEgMaeREBfOw8xoazNcc6%2BkWdpUcTB%2FW3lh9H5Y%2Fm7XpSyz%2B9y2cApltxwDqqEQKp0bMtS02gw%2Fc2O6rSWkhpbBKb2%2FL6LISDNiSE2joMPixZBoKN4thnFaxw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754754c32cdbb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 62 x 62, 8-bit/color RGBA, interlaced\012- data
Size:   4489
Md5:    f8b1b47eac8e07c1b010630410d4fe28
Sha1:   ca454406139ca52b4dd92f21cef5b27a46a3b9ad
Sha256: 07f772382dde8d1c491183d7b065efe3395a9e7c88f936dfab699e392a6604b7
                                        
                                            GET /next/css/widget.css HTTP/1.1 
Host: embed.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.51
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 981
last-modified: Mon, 12 Sep 2022 12:24:55 GMT
x-amz-version-id: S1mhWUq0ZQqr1Tqx1_g8H2_ffHQbIjB9
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 17:13:37 GMT
etag: "dfc358c7c0c906b5489ac372ac302580"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U07xoN_vTzMTId5ynuHhxPGr_g4XBZqiFRoWRoNH0NQhT-120JsarQ==
age: 253
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (980)
Size:   981
Md5:    dfc358c7c0c906b5489ac372ac302580
Sha1:   59fc74cfb37da94c292b166a1e2e3f7764896895
Sha256: 446cb9b3fa173b92d3e0be28ebdf1d8b62a9e13f14281ea46776124e7b60b68d
                                        
                                            OPTIONS /funnels/stats/event HTTP/1.1 
Host: services.msgsndr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channel,content-type,source,version
Referer: https://go.1kday.com/
Origin: https://go.1kday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.98.115.9
HTTP/2 204 No Content
                                        
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: channel,content-type,source,version
content-length: 0
date: Mon, 03 Oct 2022 17:17:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1d4/8SUWZOKhA0s HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /attribution_service/user_session_v3/create_session HTTP/1.1 
Host: services.msgsndr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://go.1kday.com/
Origin: https://go.1kday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.98.115.9
HTTP/2 200 OK
                                        
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
content-length: 0
date: Mon, 03 Oct 2022 17:17:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /funnels/stats/event HTTP/1.1 
Host: services.msgsndr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.1kday.com/
channel: APP
content-type: application/json
source: WEB_USER
version: 2021-04-15
Origin: https://go.1kday.com
Content-Length: 200
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.98.115.9
HTTP/2 422 Unprocessable Entity
content-type: application/json; charset=utf-8
                                        
x-powered-by: Express
access-control-allow-origin: *
content-length: 137
etag: W/"89-nQJiAYIzWoLLQ0MSYQmoU8e2uKg"
vary: Accept-Encoding
date: Mon, 03 Oct 2022 17:17:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   137
Md5:    7f23757318ead28e7e859a46e2b22dd2
Sha1:   9d02620182335a82cb4343126109a853c7b6b8a8
Sha256: 6022a38622c8346418e25e33b9fb6873d7269d1285d47b112e85d858fefcb1fb
                                        
                                            GET /_preview/entry-741a7702.mjs HTTP/1.1 
Host: stcdn.leadconnectorhq.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.153.18
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycduZKBNyh5us_CMK1rmbCEB_6bvPqRK-XxYDZmjqRyZEcd9Vu-EUX3dhf29gzgoDw4GPOtIfMal_mcBiTjHl2P0A6w
x-goog-generation: 1664355176889955
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 106381
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=s0O7wg==, md5=0dCpjFazudIyOD1C9tq/cg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 106381
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 28 Sep 2022 08:56:31 GMT
expires: Thu, 28 Sep 2023 08:56:31 GMT
cache-control: public, no-transform, immutable, max-age=31536000
age: 462052
last-modified: Wed, 28 Sep 2022 08:52:56 GMT
etag: "d1d0a98c56b3b9d232383d42f6dabf72"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (18094)
Size:   5459
Md5:    a5f197c8979a689bc588152bb8106064
Sha1:   c833c6b7062a867b6fbe4c580487dab7ddc10fdc
Sha256: 799ce364e97e0691df52f18be899800604f25aa177338138affc0c7d437a3e4c
                                        
                                            GET /p/4.11.3/css/player.css HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 03 Oct 2022 17:17:24 GMT
age: 2143
x-served-by: cache-iad-kiad7000069-IAD, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 41, 625
x-timer: S1664817445.826976,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20305
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   35969
Md5:    ddc69f62511c9ccdd8f550bc5cc8b4d9
Sha1:   dc27c9c01e6aef88dbd4e085a699e5c29c0d7cf9
Sha256: ba20575fb0ac140e1e5c166b2b4c504da1010fed62bd5f602de91cada643c98b
                                        
                                            GET /js_opt/modules/utils/vuid.min.js HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 03 Oct 2022 17:17:24 GMT
age: 1209605
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 197680
x-timer: S1664817445.840795,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1839)
Size:   997
Md5:    a726e1c270a0429ccce67d981a12ac33
Sha1:   7319cca36fa04ee8d74ea677a0bb5dd113649011
Sha256: 2601818bf89176145a614b0d50b1ef1cd95272a5bc6be5526d54c464f6172dbf
                                        
                                            GET /video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d.jpg?mw=80&q=85 HTTP/1.1 
Host: i.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: 6f9e0828ca91fe7d5dd4c9984455e878
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-7703
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 03 Oct 2022 17:17:24 GMT
age: 552537
x-served-by: cache-dfw-kdfw8210066-DFW, cache-bma1667-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664817445.840912,VS0,VE1
content-length: 1546
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Size:   1546
Md5:    6f9e0828ca91fe7d5dd4c9984455e878
Sha1:   4200f30c215461d73e9c82a5e275de6824cb0f3d
Sha256: 06eafec58ee42f8a7db040dfb18014d009e438bd2ecc4d5dc5fc60f7a91630cb
                                        
                                            GET /p/4.11.3/js/player.js HTTP/1.1 
Host: f.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 03 Oct 2022 17:17:24 GMT
age: 2142
x-served-by: cache-iad-kiad7000050-IAD, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 35, 473
x-timer: S1664817445.840601,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 212476
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64649)
Size:   212476
Md5:    1a9158a6f3dbfa9f98a2525d60e4c819
Sha1:   b80d8ca4bd9869c6fce2def33022d35c7d41b3b8
Sha256: 8bad76d74f9f6cfa086dccf378934b2a7b6c07c94c1b279d7dd71974e5c9a782
                                        
                                            GET /video/1444651325-045de81e51cc9ebfc0681afd6fab25c995a473dbbbf2ec02418cf3ac09fcb265-d?mw=600&mh=338 HTTP/1.1 
Host: i.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.86.109
HTTP/2 200 OK
content-type: image/avif
                                        
etag: 7284fb59c97a0d93d5c7abb0c5d7f200
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-east1-j5jd
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Mon, 03 Oct 2022 17:17:25 GMT
age: 1817828
x-served-by: cache-dfw-kdfw8210043-DFW, cache-bma1667-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664817445.317003,VS0,VE1
vary: Accept
content-length: 12391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   12391
Md5:    7284fb59c97a0d93d5c7abb0c5d7f200
Sha1:   a687bdeeb93147c78e0408e7463edce7952abc1a
Sha256: 7e561265846ab00338363bb12bdb39286e415079d13346692c8ca5879714e203
                                        
                                            GET /v1/rudder-analytics.min.js HTTP/1.1 
Host: cdn.rudderlabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://form.typeform.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.127
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 21 Sep 2022 10:06:48 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 16:31:15 GMT
cache-control: max-age=3600
etag: W/"2ee07f8ec538e6ee7867079365cf34c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cFlqQVNt247gVaZg1GYC6n7dCKkr4WesoY2rbAZ5zQ4cTJJIkC2LLg==
age: 2787
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   128278
Md5:    09cc76de993fb302add6f1999f59b2de
Sha1:   ad46fecc3e12524d58f4b95c40af87892ebb450e
Sha256: 24f72b4914ba1afc2f9e2069c3e05d5a08a3bc4f0bc196a5503d250a9af2cb55
                                        
                                            POST /s/gts1d4/QNGijQL5IyE HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /add/player-stats?beacon=1&session-id=75e0a10d7fb6fb7f76d05bc38fe20ce9478d5f8e1664817444 HTTP/1.1 
Host: fresnel.vimeocdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1464
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.202.204
HTTP/2 200 OK
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Mon, 03 Oct 2022 17:17:26 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /blocks-renderer-short_text.9bdd5fa270afd60bc91a.renderer.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Connection: keep-alive
Cookie: __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 29 Sep 2022 14:34:06 GMT
x-amz-version-id: 2UPxIx4o17WPjbgl092lIXz11lHLWoxA
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 18:47:56 GMT
etag: W/"eae9d3765fe3de7be160c0969bd935c3"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pQkDx3JLKNT65fFRZ31wZ1TOmQ1DqtCdrpLf7-rm6hSso0V_wpEgaA==
age: 80975
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7375)
Size:   2973
Md5:    16ce4f0345c937e08a70bb6707231c42
Sha1:   47e832ea6ba43ee0ba39a6cc143532ab61edd9ac
Sha256: 1c2eba6a9856e7a47a6540cb4148686b11a9d23955761a0e23ae5d95732906ea
                                        
                                            POST /s/gts1d4/QNGijQL5IyE HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 17:17:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 17:17:26 GMT
Last-Modified: Mon, 03 Oct 2022 15:39:00 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Mw5Gym606D_N0ok900yMCamI1eHDRWghBG7cCkgTHMlMa3yjDMSryA==
Age: 5906

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 17:17:26 GMT
Last-Modified: Mon, 03 Oct 2022 15:57:13 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: i5v3YY90RHepDNKKUQbdSci-KNjrUgWPdw_GCxFsB4Gm2_Vw4GHgcA==
Age: 4813

                                        
                                            OPTIONS /sourceConfig/?p=cdn&v=1.16.0 HTTP/1.1 
Host: rudderstack-control-plane.cdp.prod.data.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         18.209.217.52
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:17:26 GMT
content-length: 2
server: uvicorn
vary: Origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
access-control-allow-headers: authorization
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            GET /sourceConfig/?p=cdn&v=1.16.0 HTTP/1.1 
Host: rudderstack-control-plane.cdp.prod.data.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         18.209.217.52
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 03 Oct 2022 17:17:26 GMT
content-length: 610
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (610), with no line terminators
Size:   610
Md5:    b472ddb84e71008d7e128aa58199352f
Sha1:   bb19a929d005eb384268d4e73cd994324ffc5db4
Sha256: 1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
                                        
                                            OPTIONS /v1/track HTTP/1.1 
Host: rudderstack.cdp.prod.data.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: anonymousid,authorization,content-type
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         3.213.216.220
HTTP/2 200 OK
                                        
date: Mon, 03 Oct 2022 17:17:26 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

                                        
                                            POST /v1/track HTTP/1.1 
Host: rudderstack.cdp.prod.data.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Content-Type: application/json
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId: NDFiZWM0ZmYtOTk1OS00MzM5LWE4ZDctMGIzODc3OTdhYTQ0
Content-Length: 1963
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         3.213.216.220
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:17:26 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
vary: Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            POST /v1/track HTTP/1.1 
Host: rudderstack.cdp.prod.data.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Content-Type: application/json
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId: NDFiZWM0ZmYtOTk1OS00MzM5LWE4ZDctMGIzODc3OTdhYTQ0
Content-Length: 2135
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         3.213.216.220
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:17:27 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
vary: Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            POST /v1/track HTTP/1.1 
Host: rudderstack.cdp.prod.data.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Content-Type: application/json
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
AnonymousId: NDFiZWM0ZmYtOTk1OS00MzM5LWE4ZDctMGIzODc3OTdhYTQ0
Content-Length: 2464
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         3.213.216.220
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:17:27 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://form.typeform.com
vary: Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            GET /vendors~blocks-renderer-contact_info~blocks-renderer-address~blocks-renderer-email~blocks-renderer-phone_number~blocks-renderer-short_text.174462e8491ccd68707c.renderer.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Connection: keep-alive
Cookie: __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Mon, 03 Oct 2022 08:20:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 03 Oct 2022 08:17:15 GMT
etag: W/"3534388e81ae687979c3b8a2b43ab840"
x-amz-version-id: G3MF1bpa5DRTJRkR286PuTWOk9XnhmHu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _ulDqqh3zD1vSp60GiBgRKQtoxyTaOdj2QQ21c75-BH6niUsVTJDdA==
age: 32215
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /blocks-renderer-email.3c88bca77ec87b5e4576.renderer.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Connection: keep-alive
Cookie: __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 29 Sep 2022 14:34:06 GMT
x-amz-version-id: ACPfufDI9RHNnjj63UBK3T.RpxeuRl1d
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 16:35:03 GMT
etag: W/"8ab4e520c59de7593b86175556eab0a0"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZyvJA3OkkbZGnVckaidA-Oe8DV0SCNoNjwwJRqJuEsFDjJv-66DLfA==
age: 2543
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.15.4/css/brands.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 03 Oct 2022 17:17:23 GMT
x-amz-id-2: aurINJCl9YivOtu2jw5UWVDGG89TEdZ19u/GI8nXud3LfgfBp9Yrm4pYtkFlOcI+lkxlz0yTvE0=
x-amz-request-id: KVQJX7HS7H4556QG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"2c213c9e855a714f04273ad8ddfec94a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 905476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdJBm5uaU4a6D3%2FuX8KHFYZMYD8Bwd102RvX%2FmoXmaa4RHIu0i6W549zGfmm75hX%2BKjF%2Fl3MVOhEVjbQbaNAtTKIOwXGVZJnmiqO7vQRcjgSl0GLRcGmuHIEYcny7PIB%2F9E4p5Ms"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754754c00db473ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.15.4/css/solid.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.1kday.com
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 03 Oct 2022 17:17:23 GMT
x-amz-id-2: OWUlT/Y+IQL8pry1R9rNZGDnxItZA2W6uHxZJEgnJ3QYwHLD48p+El5+rcShyLm2ctNPX3i/J9Y=
x-amz-request-id: HHYNTFW76ARG88ET
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2527405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0Yvz%2FcRXjBjMCqMOgWRaSHUhNuDrjLpXuDqYzo1VirRQA8TvDxcT6qZSzFrIsn4TgnefnVRiCjr875wQ9%2F92rojvIFlGCjufY58vdwv8sEscgTpd4%2Fp0ULlvDmlwzKJTd7P7mG4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754754c01dca73ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /modern-renderer.f54f4ab50d21cbe32302.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Origin: https://form.typeform.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Mon, 03 Oct 2022 07:50:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 29 Sep 2022 14:34:06 GMT
etag: W/"87fd2d67ea9b72be73930bfb92f02031"
x-amz-version-id: rIwKCll7xSnCRu_6OOG7LJA4JJMVZO9m
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CQwgUUk2FLUKy6zhedrXZySlmiRZA16oTnLmH2vl8YO-fJRzOMBBDA==
age: 34033
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.4af84cc3a887409f368b.renderer.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Connection: keep-alive
Cookie: __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 13:26:04 GMT
x-amz-version-id: sQkF0lJH48rhcgAnTKW1gOwvNoo7DlNj
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 01:57:29 GMT
etag: W/"1fbe947b50778cdfe013a9a20a4bcba1"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bxMIDjQQZueB050fRAHZMpAVINUVuM0dqq3UXbjhKe4avv5Nc-_Pag==
age: 55233
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vendors~form.d78923d96dcf5241caa3.renderer.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Connection: keep-alive
Cookie: __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 13:26:04 GMT
x-amz-version-id: EEJzbhFJ3daMOTtqBHjNayFC7SmGYQTL
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 13:47:45 GMT
etag: W/"79c4096def62d41d9b1118d2d6661bc5"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RoruTvQ9Yg_4FE-ua89zPThQVOIO6VR7g0RRCizzZHlpF-MCVkQ9gA==
age: 12580
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /form.63c48677b41cde4b0d6f.renderer.js HTTP/1.1 
Host: renderer-assets.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://form.typeform.com/to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next
Connection: keep-alive
Cookie: __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.76
HTTP/2 200 OK
content-type: application/x-javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 27 Sep 2022 13:26:04 GMT
x-amz-version-id: av4QlelnyZ5kzJDY0bbEB7QIxIVB1fnj
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 13:47:48 GMT
etag: W/"abb976cf1f2a4c0e0473f926e3e10573"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wAr4_GH28Q0IwIdSdx0XU3U9QSH_FDccsM9nmhBa3KNNhp_q32GITQ==
age: 12581
cache-control: max-age=2419200
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /next/embed.js HTTP/1.1 
Host: embed.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.51
HTTP/2 200 OK
content-type: application/x-javascript
                                        
last-modified: Fri, 16 Sep 2022 13:54:00 GMT
x-amz-version-id: szYBfK07E4veASTgyw64BU0speoTZaMi
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 17:13:18 GMT
etag: W/"6683d167c12d5efb43477d9c49e68801"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hm6tQo21AeFFEwZu83GTp-eQV3oNfrbs2DFRvo2knud7Wx_IT7fGuw==
age: 248
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Lato:400,700%7CRoboto:400,700%7COpen%20Sans:400,700%7CRaleway:400,700%7CMontserrat:400,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 17:17:23 GMT
date: Mon, 03 Oct 2022 17:17:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /to/xG6L3P0v?typeform-embed-id=4505856810042018&typeform-embed=embed-widget&typeform-source=go.1kday.com&typeform-medium=snippet&typeform-medium-version=next HTTP/1.1 
Host: form.typeform.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.1kday.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.41.163
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Mon, 03 Oct 2022 17:17:24 GMT
x-powered-by: 7260-6.11.6
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
vary: Accept-Encoding
x-envoy-upstream-service-time: 1
x-varnish: 12706454 29194803
age: 95
x-cache: HIT
x-cache-lookup: HIT
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers: Location, X-Request-Id
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: AWSALBTG=KSbBEz2d76fY3hi9dTWm7M8ilUzFJTnplGsHbE5jKEQR6czrEgDsodSrJ9DmXlbhX45T6v/7fpJp4PZu0Rf/c7462wVkC6IaqE4fS5rPi50XuAxDQTYDiOsrVus/Ed+r9+RSWvSCT1VyAWvtOziHRsX1THibnNAz9i/4O//ppONR; Expires=Mon, 10 Oct 2022 17:17:24 GMT; Path=/ AWSALBTGCORS=KSbBEz2d76fY3hi9dTWm7M8ilUzFJTnplGsHbE5jKEQR6czrEgDsodSrJ9DmXlbhX45T6v/7fpJp4PZu0Rf/c7462wVkC6IaqE4fS5rPi50XuAxDQTYDiOsrVus/Ed+r9+RSWvSCT1VyAWvtOziHRsX1THibnNAz9i/4O//ppONR; Expires=Mon, 10 Oct 2022 17:17:24 GMT; Path=/; SameSite=None; Secure __cf_bm=DiSKYgJpR8wj7JeEQf5D9L8O.dTZeJeAHzZxvG0zsSQ-1664817444-0-AZY86fy27rhtVhzH4VtJ5uF+ZHm/HM+1lAqJNuD7hGmpehXSCtpS02D17ZvNQK2zGk6/XTDoBTyr/uJWjU83O4o=; path=/; expires=Mon, 03-Oct-22 17:47:24 GMT; domain=.typeform.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2dVr2EIrDWUw6VDWnnLlNW5u%2FIvS%2B%2F73C31M4wdaKDXKmGMII%2B8tguTVDic4y4UIF2E2idGoLkAkReoDvwDTjulUADolu73Q9MmPnGEKuHbal7opxtfJ1m2By9TY7bpRS6V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754754c43ecc1c02-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---