HTTP/2 200 OK
content-type: application/javascript
content-length: 809
date: Mon, 04 Dec 2023 19:57:38 GMT
last-modified: Mon, 04 Dec 2023 18:36:49 GMT
etag: "3a0c70dca90edff93b7c348d620d4be8"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 56962
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YFD_yGr0g263Lo4lgbA3_gjAyyyJ9QA_QeteTniJGdl-sEc_pZ25JA==
X-Firefox-Spdy: h2

HTTP/2 200 OK
last-modified: Fri, 22 Sep 2023 21:19:38 GMT
etag: "d712cb51ddca79bec27267c5dda35ad1"
cache-control: public, max-age=31536000, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:46:59 GMT
strict-transport-security: max-age=31557600
via: 1.1 chameleon.io (Hyoid)
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1476
X-Firefox-Spdy: h2

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 11:47:00 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/json
content-length: 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-cache
access-control-max-age: 300
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Apr 2020 15:53:18 GMT
x-amz-version-id: LP99qA9EAMLqCMMRUwJOQ5lo4sldS.Jg
accept-ranges: bytes
server: AmazonS3
date: Tue, 05 Dec 2023 11:47:01 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fkKJyEaWpjShugFMjWY6aaHprb-knaaFp2hcZgMBr_B2mUFC7aoKIw==
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 11:47:00 GMT
expires: Tue, 05 Dec 2023 11:47:00 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/json
date: Tue, 05 Dec 2023 00:40:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-cache
access-control-max-age: 300
x-amz-replication-status: COMPLETED
last-modified: Fri, 03 Nov 2023 19:48:10 GMT
etag: W/"96ac1e5f7f5299ac15980af7279e638f"
x-amz-server-side-encryption: AES256
cache-control: public, stale-while-revalidate=8640, max-age=86400, s-maxage=86400
x-amz-version-id: rM.tQUHWWQaLuvW979tBHCz4Wh_1UkYK
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vWyvhRBsxEjZk4eTY6Z0mXfPgyvEihydwD_F3R0jYmIqx2jwqBnHKA==
age: 40002
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0
P3p: CP=CAO PSA OUR
Pragma: no-cache
Set-Cookie: k=45844bbcdbb148408b6335a59ee0755f; Path=/; Expires=Mon, 04 Mar 2024 11:47:00 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 4a7b57fe-73ab-4db6-8cf8-6de72f3a1f46
Date: Tue, 05 Dec 2023 11:47:00 GMT
Transfer-Encoding: chunked

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 11:47:00 GMT
expires: Tue, 05 Dec 2023 11:47:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 11:47:00 GMT
expires: Tue, 05 Dec 2023 11:47:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HTTP/2 200 OK
server: CloudFront
content-type: application/json; charset=utf-8
content-length: 163
date: Tue, 05 Dec 2023 11:47:00 GMT
vary: Accept-Encoding, Origin
access-control-allow-origin: https://app.airtm-2.com
access-control-allow-credentials: true
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 73j2QU6BDnlbcPjrfxvataLDSCA6f6PmNRYa8XaF8B4XNCJDCJ5p3Q==
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/html
Expires: 0
Pragma: no-cache
Set-Cookie: k=45844bbcdbb148408b6335a59ee0755f; Path=/; Expires=Mon, 04 Mar 2024 11:47:00 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 1f2e2c5c-b74c-4eac-9027-9c288b74c84f
Date: Tue, 05 Dec 2023 11:47:00 GMT
Transfer-Encoding: chunked

HTTP/3 200 OK
content-type: application/json
content-length: 745
age: 40026
date: Tue, 05 Dec 2023 00:39:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-cache
access-control-max-age: 300
x-amz-replication-status: COMPLETED
last-modified: Fri, 03 Nov 2023 19:48:10 GMT
etag: "1221f102c48e4d789188f36c5c0159be"
x-amz-server-side-encryption: AES256
cache-control: public, stale-while-revalidate=8640, max-age=86400, s-maxage=86400
x-amz-version-id: thl4rVCSTOc99dgqVq1eLRxtR.QUSL5j
accept-ranges: bytes
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BE-wIPT8fFKSdt5ZE8q6d1-KjZfaDc9aXsJNWug6kpS_3ZGM6LLjYA==

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: ca7acfd1-3246-4fdd-95f3-ac40434ccd17
Date: Tue, 05 Dec 2023 11:47:01 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 17996
date: Fri, 01 Dec 2023 06:13:41 GMT
last-modified: Thu, 30 Nov 2023 01:18:49 GMT
etag: "6384ae17a355b2cb7cdfe0870648dbcd"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 365601
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: niP54hxdD8b7HSbrkG0LWcX-vvFsdKxCkBYUx9v66NHR845GSWOCBg==
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 760f7408-90df-4f0f-a6d4-0965c13c41ea
Date: Tue, 05 Dec 2023 11:47:01 GMT
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: image/jpeg
content-length: 207059
date: Tue, 31 Oct 2023 15:54:15 GMT
last-modified: Tue, 31 Oct 2023 13:58:09 GMT
etag: "f853f0f5d85dabcf94f250c13477d9da"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 3009167
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fbU3fz17stTtPNPWFDbTYgWn3Smd_u3KKiP5ehSX0dtUybkspiPtQA==
X-Firefox-Spdy: h2

HTTP/3 200 OK
content-type: application/json
alt-svc: h3=":443"; ma=86400
age: 40069
date: Tue, 05 Dec 2023 00:39:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-cache
access-control-max-age: 300
x-amz-replication-status: COMPLETED
last-modified: Fri, 03 Nov 2023 19:48:10 GMT
etag: W/"465576178691d74353fb50fff9478312"
x-amz-server-side-encryption: AES256
cache-control: public, stale-while-revalidate=8640, max-age=86400, s-maxage=86400
x-amz-version-id: Aftebow0lNw4yEgVItjDRVigzNruZFP5
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0h2jaBLCizgcTxu1aLvZbXV9t0Mka7mTCwPMPXcvckqKUX7C3REJcQ==

HTTP/2 200 OK
content-type: image/jpeg
content-length: 180627
date: Mon, 20 Nov 2023 00:59:42 GMT
last-modified: Mon, 13 Nov 2023 21:05:22 GMT
etag: "74175778dcbd14099bd41f7840159af0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 1334840
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u5VQTCe-1qycDiQQOth0mT9h8tAJIiLMfh9KWBcM_5RKSodbpH06cw==
X-Firefox-Spdy: h2

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 26
expires: Tue, 05 Dec 2023 11:47:01 GMT
x-content-type-options: nosniff
content-language: en
x-sentry-error: Invalid origin
vary: Accept-Language, Cookie
last-modified: Tue, 05 Dec 2023 11:47:01 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-frame-options: deny
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 1cfa11b1-16d5-4b8f-a16b-efc34dc4b092
Date: Tue, 05 Dec 2023 11:47:01 GMT
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://app.airtm-2.com
date: Tue, 05 Dec 2023 11:47:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 204 No Content
access-control-allow-origin: https://app.airtm-2.com
date: Tue, 05 Dec 2023 11:47:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 18976
date: Fri, 01 Dec 2023 06:13:41 GMT
last-modified: Thu, 30 Nov 2023 01:18:49 GMT
etag: "9c70afa70c78aa8497969ed94c1405c9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 365601
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0ubvwRFc9JiaKHeTFGzkgWvvR_ARBb_nQdATEfXmEiAcap2Ko15l_Q==
X-Firefox-Spdy: h2

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 26
expires: Tue, 05 Dec 2023 11:47:01 GMT
x-content-type-options: nosniff
content-language: en
x-sentry-error: Invalid origin
vary: Accept-Language, Cookie
last-modified: Tue, 05 Dec 2023 11:47:01 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-frame-options: deny
X-Firefox-Spdy: h2

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 26
expires: Tue, 05 Dec 2023 11:47:01 GMT
x-content-type-options: nosniff
content-language: en
x-sentry-error: Invalid origin
vary: Accept-Language, Cookie
last-modified: Tue, 05 Dec 2023 11:47:01 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-frame-options: deny
X-Firefox-Spdy: h2

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 26
expires: Tue, 05 Dec 2023 11:47:01 GMT
x-content-type-options: nosniff
content-language: en
x-sentry-error: Invalid origin
vary: Accept-Language, Cookie
last-modified: Tue, 05 Dec 2023 11:47:01 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-frame-options: deny
X-Firefox-Spdy: h2

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 26
expires: Tue, 05 Dec 2023 11:47:01 GMT
x-content-type-options: nosniff
content-language: en
x-sentry-error: Invalid origin
vary: Accept-Language, Cookie
last-modified: Tue, 05 Dec 2023 11:47:01 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-frame-options: deny
X-Firefox-Spdy: h2

HTTP/2 403 Forbidden
date: Tue, 05 Dec 2023 11:47:01 GMT
content-type: application/json
content-length: 26
expires: Tue, 05 Dec 2023 11:47:01 GMT
x-content-type-options: nosniff
content-language: en
x-sentry-error: Invalid origin
vary: Accept-Language, Cookie
last-modified: Tue, 05 Dec 2023 11:47:01 GMT
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-frame-options: deny
X-Firefox-Spdy: h2

HTTP/2 200 OK
server: CloudFront
content-type: application/json; charset=utf-8
content-length: 209
date: Tue, 05 Dec 2023 11:47:01 GMT
vary: Accept-Encoding, Origin
access-control-allow-origin: https://app.airtm-2.com
access-control-allow-credentials: true
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j7sXLrFnmPyxUDJRDbAWWu0W1P_5JwyotyKmGg6QmBy3lrVA9RhPPw==
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15406
date: Sun, 19 Nov 2023 05:19:25 GMT
last-modified: Mon, 13 Nov 2023 21:05:21 GMT
etag: "95bafe0f34af18256bc1602ce648ebdc"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 1405657
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rlYnjsjsSKZJH6mVd5iSDf0KX_QLhuNF2072sZdtO2MfPPZjgNPVHA==
X-Firefox-Spdy: h2

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CA6B4D54205F4DD4A6C9D861C42F1A64 Ref B: OSL30EDGE0511 Ref C: 2023-12-05T11:47:02Z
date: Tue, 05 Dec 2023 11:47:01 GMT
X-Firefox-Spdy: h2

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1503048FAD706A5F24171751AC856BE1; domain=.bing.com; expires=Sun, 29-Dec-2024 11:47:02 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76F143AB3D4C4256AC71B6FB6EA17D92 Ref B: OSL30EDGE0511 Ref C: 2023-12-05T11:47:02Z
date: Tue, 05 Dec 2023 11:47:01 GMT
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: text/css
content-length: 0
last-modified: Thu, 16 Nov 2023 07:47:36 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 05 Dec 2023 11:43:47 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lifn6qNSBjUZFB_JsXcqZfO2MSpfPtjmJMtPxDZsTFsFr1L3G5SD7A==
age: 197
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 20 Nov 2023 04:32:08 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 05 Dec 2023 11:42:28 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"862630a2b93632e0d7bbae6d63246102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MzdceB-n01TY1ltRMVwZwDYbW8nHvo9O400zua2cbTVlzOCdvMVeLw==
age: 275
X-Firefox-Spdy: h2

HTTP/2 200 OK
date: Tue, 05 Dec 2023 11:47:02 GMT
content-type: text/css
server: fwe
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
expires: Wed, 04 Dec 2024 11:47:02 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-server: 4z8vk
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-99280d9a5cba6df6270625229f66aad8-dcc129e6775390a2-01
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: cf527ef7-6b3c-9eaa-abde-b73b0e96f91c
X-Firefox-Spdy: h2

HTTP/2 200 OK
cache-control: private,max-age=60
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05E119B08DBE4B6E9BD1B055E5E94BFF Ref B: OSL30EDGE0511 Ref C: 2023-12-05T11:47:02Z
date: Tue, 05 Dec 2023 11:47:01 GMT
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 98af32b3-b06d-4101-b9b5-0aad40777cc6
Date: Tue, 05 Dec 2023 11:47:03 GMT
Content-Length: 0

HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 4302
last-modified: Thu, 16 Nov 2023 07:47:36 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 05 Dec 2023 11:47:03 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-range: bytes 0-4301/4302
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O6M4LxqvO-a79GGG57d3mnhuWFWc9jcD7rP4KJfqGSD_2TFyxMlj8Q==
age: 229
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 04 May 2023 08:20:06 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _X3Qz9F7lBkY6fY5ZFJvKfTDFca1Mb.F
server: AmazonS3
content-encoding: gzip
date: Tue, 05 Dec 2023 11:47:03 GMT
cache-control: no-cache
etag: W/"b93463e6b790a2959a44cc7ba847f9ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 11hi-KreADS3ylOzFpZcPUX2zMo_AZSquEKTQ91NQPoHQ7GKVO8UMw==
age: 2
X-Firefox-Spdy: h2

HTTP/2 200 OK
date: Tue, 05 Dec 2023 11:47:03 GMT
content-type: application/json;charset=UTF-8
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: a911ab08-174a-48f2-b8d2-53565fcfa3ca
content-encoding: gzip
vary: accept-encoding
x-server: 2601
x-status: HIT
x-envoy-upstream-service-time: 0
x-trace-id: 00-ff36cb3cb96a9d912ff790b9b807c001-4e3ad200d8b20fd2-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2997
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
x-amz-id-2: csQSZdKAw6HPxJaH7erS/rU0HtUdM0X+zSCW0Di9MR9fh7n+u2oddE4PHJv/AnnbqCMkwzM9YOQ=
x-amz-request-id: VD9M73K2ZT0CE3CK
Date: Tue, 05 Dec 2023 11:47:05 GMT
Last-Modified: Wed, 28 Sep 2022 00:12:47 GMT
ETag: "9ecd97751964104998481906bf281768"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
x-amz-version-id: h6oHcNFmrDzz3ek3FKy0kUYh_h_HuXy1
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 4597

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 07:47:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 05 Dec 2023 11:42:48 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"516f14e4be6e5d509f7f85c85054d45f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i9VebRZRZRMzTWW2VmUDGjlYSmV-NIaEkOAv3kL45cVTyiRhrFVqrQ==
age: 269
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
x-amz-id-2: yiEqViD3X7gTp00jYcHXp+HPWiijW/l10gNXDvwJ8EnHtJBEAiBvcJBHDs/sVGR19Q546FusP/E=
x-amz-request-id: VD9ZKYD6DDE09EK0
Date: Tue, 05 Dec 2023 11:47:05 GMT
Last-Modified: Thu, 21 Apr 2022 20:40:46 GMT
ETag: "066176abdac2de249d4976061645fd41"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
x-amz-version-id: 8U1icBnOjhnyRNdC3HXLkWOlRBmcJ5ND
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 78792

HTTP/1.1 200 OK
x-amz-id-2: fxnOuHE5Q5HjB16YuGavjgPZQ1PR4M0euRXlOX0PBfAiiYtABZLADC++64kV87rpNHklvNPI8GQ=
x-amz-request-id: DCZ0Y1N4E2QSE7Q9
Date: Tue, 05 Dec 2023 11:47:06 GMT
Last-Modified: Wed, 21 Dec 2022 20:06:34 GMT
ETag: "a046d04cce46ed91268351cf556d5f5c"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
x-amz-version-id: mci5UuuhfC_1WDceGoN5LC5HW8jFcG6Q
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 14702

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 20 Nov 2023 04:32:08 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 05 Dec 2023 11:43:31 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"05b1e01be3b51279f3932e908f6579db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4S7WiCS-VTSRL3lk4jYP3TfNAegRilv0DeOeGJKWzeCNWmGHnKQ-tA==
age: 212
X-Firefox-Spdy: h2

HTTP/3 204 No Content
access-control-allow-origin: https://app.airtm-2.com
date: Tue, 05 Dec 2023 11:47:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HTTP/3 204 No Content
access-control-allow-origin: https://app.airtm-2.com
date: Tue, 05 Dec 2023 11:47:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 06:49:51 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 05 Dec 2023 11:43:31 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"e048ab7fc94211ea2584c25aadd40ded"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HCw_lX3kC9EiJ7d6ayis0QIINKRQVRrdMPbu3wAWj62g1pnaT7bsiw==
age: 214
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 04 Dec 2023 18:43:51 GMT
last-modified: Mon, 04 Dec 2023 18:36:48 GMT
etag: W/"da2a718df3bf598673a4aedc8a6c10b4"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 61389
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tAbATkF5LORwiHQ0c0Yd3S5AHwK-6qDJu3XniPocOohdbiOXlCW6vg==
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 16 Nov 2023 07:47:37 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 05 Dec 2023 11:44:34 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kh9MfKHcbNlbMxm0xjy033H5lBTALv3uaGM3bWaNCo5f7D-OTq7fLA==
age: 149
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 06:49:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 05 Dec 2023 11:45:52 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"cfbdd7cc27f6369f9f18ba232aa13732"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7Ao_mZepIE_CZbl_SniFFS5DuqDNcHJhYHzNP9aD_Q0Iu8nGpFMiKg==
age: 73
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: image/jpeg
content-length: 150619
date: Tue, 28 Nov 2023 09:45:40 GMT
last-modified: Tue, 21 Nov 2023 21:59:16 GMT
etag: "8199ea0120c4d3d2e1c0bc143664ae05"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
accept-ranges: bytes
server: AmazonS3
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 612082
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2n0M9vFzMb6bhaGibUWwjdCaBwtHQhThOICfstaJ4VBb6aykjhRTIA==
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 07:47:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Tue, 05 Dec 2023 11:44:33 GMT
cache-control: max-age=31536000, no-transform, public
expires: Wed, 27 Nov 2024 06:28:51 GMT
etag: W/"47c822f8cee790a907c6e7dd37148e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mg36dne1EoF1JWnZKJ7pg0kIfgpqrKBkYaN6YoeFADh3JeiKPGVDww==
age: 150
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/json
date: Tue, 05 Dec 2023 00:39:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-cache
access-control-max-age: 300
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Dec 2023 00:39:08 GMT
etag: W/"f43ef056430bd82c5c170f99f1f19718"
x-amz-server-side-encryption: AES256
cache-control: public, stale-while-revalidate=8640, max-age=86400, s-maxage=86400
x-amz-version-id: zJ3EeVw1aQNbtpnNrB7YfRvILJOqGlXp
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4dPniTxLRuT8BN2auRPX2_CoSGLh8J7BN0QBNOVKrOug-iNhDCTUZA==
age: 40040
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 04 Dec 2023 18:43:51 GMT
last-modified: Mon, 04 Dec 2023 18:36:48 GMT
etag: W/"08fdc65f4e175cfaadba2a50b3de34f8"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 61389
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 88SolitM8_no0G6CqHjKhyP29dbAtD8XZgvk3dxcAPOBze7GDGHdZA==
X-Firefox-Spdy: h2

HTTP/2 200 OK
date: Tue, 05 Dec 2023 11:47:02 GMT
content-type: text/html
server: fwe
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4z8vk
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-trace-id: 00-0a36d69cf98d945a56c537da3591c43f-767c03106a882ea5-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 3c1ed289-a645-48df-adc0-b3655fa0b37f
X-Firefox-Spdy: h2

HTTP/2 200 OK
date: Tue, 05 Dec 2023 11:47:03 GMT
content-type: text/css
server: fwe
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
expires: Wed, 04 Dec 2024 11:47:03 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-server: 4z8vk
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-trace-id: 00-3cdc48908198ba30bb74627802d3470e-a840338fc0978daa-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 418c7564-c75f-4ea0-b356-e1f22ad4a00f
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: text/css
date: Tue, 31 Oct 2023 19:17:53 GMT
last-modified: Tue, 31 Oct 2023 19:08:04 GMT
etag: W/"72056ffa238dacc785d76d4ca64dc353"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 2996947
content-security-policy: default-src 'self' https://assets.onfido.com; prefetch-src https://cdn.plaid.com; connect-src 'self' wss://app.airtm.io/graphql wss://app.airtm.com/graphql wss://app.airtm0.com/graphql wss://app.airtm-1.com/graphql wss://app.airtm-2.com/graphql wss://app.airtm-3.com/graphql wss://app.airtm-4.com/graphql https://*.facebook.com https://*.facebook.net https://*.hotjar.com https://*.hotjar.io https://*.kaptcha.com https://*.onfido.com https://airtm.freshdesk.com https://api.leanplum.com https://api.locize.app https://api.sendwyre.com https://api.testwyre.com https://dev.leanplum.com https://heapanalytics.com https://o950927.ingest.sentry.io https://sentry.io https://widget.freshworks.com https://www.leanplum.com wss://*.hotjar.com wss://*.onfido.com wss://dev.leanplum.com https://www.facebook.com https://monitor.geetest.com *.bing.com wss://*.bing.com https://*.trychameleon.com data: blob: *.onfido.com https://www.woopra.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com https://www.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com *.linkedin.com *.licdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.facebook.net https://*.geetest.com https://api.geevisit.com https://*.kaptcha.com https://*.wchat.freshchat.com https://apis.google.com https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://cdn.plaid.com/link/2.0.1322/link-dynamic-loader.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js https://code.jquery.com https://heapanalytics.com https://script.hotjar.com https://sentry.io https://static.hotjar.com https://verify.sendwyre.com https://wchat.freshchat.com https://widget.freshworks.com https://connect.facebook.net https://bat.bing.com https://r.bing.com https://*.trychameleon.com https://www.woopra.com https://assets.onfido.com https://www.googletagmanager.com https://tagmanager.google.com *.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://accounts.google.com https://appleid.cdn-apple.com https://snap.licdn.com https://static-exp1.licdn.com https://content.linkedin.com https://platform.linkedin.com; frame-src 'self' data: blob: https://*.freshchat.com https://*.kaptcha.com https://*.sendwyre.com https://*.testwyre.com https://accounts.google.com https://cdn.plaid.com https://connect.facebook.net https://vars.hotjar.com https://www.facebook.com https://s-static.ak.facebook.com https://static.ak.facebook.com https://web.facebook.com sdx.microsoft.com https://*.trychameleon.com www.linkedin.com; report-uri https://sentry.airtm.com/api/2/security/?sentry_key=edab16e543de4a3cbc3a6e8d88fc3d16&sentry_environment=production; img-src 'self' blob: data: android-webview-video-poster: https://*.facebook.com https://*.facebook.net https://*.geetest.com https://*.gstatic.com https://*.kaptcha.com https://app.airtm.com https://assets.prod.leanplum.com https://heapanalytics.com https://kanto-us-west-2-private-file-manager-shaymin.s3.us-west-2.amazonaws.com https://s3.amazonaws.com/cdn.freshdesk.com https://script.hotjar.com https://static-stg-us-east-1-private-file-manager-shaymin.s3.amazonaws.com/ *.bing.com *.microsoft.com https://*.trychameleon.com https://*.chmln-cdn.com https://lipis.github.io/flag-icon-css/ www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com *.google-analytics.com *.googletagmanager.com https://www.google-analytics.com *.linkedin.com *.licdn.com p.adsymptotic.com; font-src 'self' data: chrome-extension: https://script.hotjar.com https://heapanalytics.com https://*.chmln-cdn.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://*.geetest.com https://heapanalytics.com https://wchat.freshchat.com https://widget.freshworks.com https://dn-staticdown.qbox.me *.bing.com https://assets.onfido.com https://tagmanager.google.com https://fonts.googleapis.com https://accounts.google.com *.licdn.com; media-src 'self' blob: media.licdn.com; object-src blob: 'self';
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CnmCrCOeHgiES00dfGJr4tQtGCo-W9mdZUjCXXP-r1TlrafkALy9lA==
X-Firefox-Spdy: h2

HTTP/3 204 No Content
access-control-allow-origin: https://app.airtm-2.com
date: Tue, 05 Dec 2023 11:47:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000