r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6658
Expires: Wed, 08 Feb 2023 01:32:06 GMT
Date: Tue, 07 Feb 2023 23:41:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3514
Expires: Wed, 08 Feb 2023 00:39:42 GMT
Date: Tue, 07 Feb 2023 23:41:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 23:34:10 GMT
content-type: application/json
age: 418
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17474
Expires: Wed, 08 Feb 2023 04:32:22 GMT
Date: Tue, 07 Feb 2023 23:41:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Tqeml28bwMMErV/DUDyKeshjFogxjzWsaq77C9AVLiSxNpO2LzuYlj3xW1nsLaER/3WpXLLZB4o=
x-amz-request-id: Q81P1J213HEC3NKD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 22:45:44 GMT
age: 3324
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 23:41:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
globalcurrencyaccount.ofx.com/Transfer
3.105.135.117301 Moved Permanently 134 B URL HTTP/1.1 globalcurrencyaccount.ofx.com/Transfer
IP 3.105.135.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /Transfer HTTP/1.1
Host: globalcurrencyaccount.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 07 Feb 2023 23:41:08 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://globalcurrencyaccount.ofx.com:443/Transfer
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 23:14:52 GMT
age: 1577
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6827
Expires: Wed, 08 Feb 2023 01:34:56 GMT
Date: Tue, 07 Feb 2023 23:41:09 GMT
Connection: keep-alive
push.services.mozilla.com/
35.81.158.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.158.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AMe1wBwboDSqyES/+c+gMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VgrYYmzEvu6I3En7nhmtyYMm1ow=
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 15a13555d8d352bdbe5eaa748b2ba78e
74f31b400c4dccfcfaee20c6e5abd14103299870
cd570d7fa0f7ba62e76e3b616b4360c382ecb3ecd27507a9f606a16cdbaa1ff6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167535
Date: Tue, 07 Feb 2023 23:41:09 GMT
Etag: "63e2cd04-1d7"
Expires: Thu, 09 Feb 2023 22:13:24 GMT
Last-Modified: Tue, 07 Feb 2023 22:13:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sRF3aYdM1Ay4pvCtRuHYtqNEIXPAGciQG7k1LEUylk1E2275v_TWnQ==
globalcurrencyaccount.ofx.com/Transfer
3.105.135.117302 Found 0 B URL HTTP/2 globalcurrencyaccount.ofx.com/Transfer
IP 3.105.135.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Transfer HTTP/1.1
Host: globalcurrencyaccount.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 07 Feb 2023 23:41:10 GMT
content-length: 0
location: http://globalcurrencyaccount.ofx.com/login?ReturnUrl=%2FTransfer
server: Kestrel
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3338
Expires: Wed, 08 Feb 2023 00:36:48 GMT
Date: Tue, 07 Feb 2023 23:41:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3338
Expires: Wed, 08 Feb 2023 00:36:48 GMT
Date: Tue, 07 Feb 2023 23:41:10 GMT
Connection: keep-alive
globalcurrencyaccount.ofx.com/login?ReturnUrl=%2FTransfer
3.105.135.117301 Moved Permanently 134 B URL HTTP/1.1 globalcurrencyaccount.ofx.com/login?ReturnUrl=%2FTransfer
IP 3.105.135.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /login?ReturnUrl=%2FTransfer HTTP/1.1
Host: globalcurrencyaccount.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 07 Feb 2023 23:41:10 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://globalcurrencyaccount.ofx.com:443/login?ReturnUrl=%2FTransfer
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3338
Expires: Wed, 08 Feb 2023 00:36:48 GMT
Date: Tue, 07 Feb 2023 23:41:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 57343
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYWj40o5goODdNjGr_Evrb_bfXcxtJRIyGvs7ViEWlELAyJt0-ZzMw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 6416
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cf13Lp2SFHQ4SSF6_KpC4zx339tZRkMmnmF-OKM_2hbWbIoR3OLJ_g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:50:49 GMT
age: 6621
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: ef7a879d-25be-42b0-a5c5-df6ad8f1482c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_R2FFv5IAMFZ7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c9c0-2f8fa7ef41b70de04cfb5ac6;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:59:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JxJrYYY7fMm_DCBcuC4OEdR62HL5VMvJbt_a6TWp4QfqN0qxgFgj-A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:50 GMT
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
age: 5660
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:35 GMT
age: 6515
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:22 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 6348
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
globalcurrencyaccount.ofx.com/login?ReturnUrl=%2FTransfer
3.105.135.117302 Found 0 B URL HTTP/2 globalcurrencyaccount.ofx.com/login?ReturnUrl=%2FTransfer
IP 3.105.135.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login?ReturnUrl=%2FTransfer HTTP/1.1
Host: globalcurrencyaccount.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Tue, 07 Feb 2023 23:41:10 GMT
content-length: 0
location: https://identity.ofx.com/oauth2/default/v1/authorize?client_id=secure.ofx.com&redirect_uri=https%3A%2F%2Fglobalcurrencyaccount.ofx.com%2Fsignin-oidc-okta&response_type=code&scope=openid%20profile%20offline_access%20ALLAPI&code_challenge=GF2J4NBydC5Mm3AabJyGiUp8n_lsG-CLpRxILG00mwE&code_challenge_method=S256&response_mode=form_post&nonce=638114100707631440.OTgzMWJhMWMtZGM5OS00MmZlLTllZWQtZTFlN2JkMzdlMWQwMjgxYWY1MWQtMThjOC00ZmFjLTliYTgtYjU5YTQwZjYyOWJj&state=CfDJ8PmtOUue1JpDqRIGmtF6GTtUgoWC8OQIOsbwGF89YBDHlp_9Gtp4VFJwjSuK8HXVRN2bjVrsJmaRXc83xRPtMRQ4a3yBN0tm6MLETSm1-7aJ3E_4dbFlHibfqerv1cG0FTzoOvT4raJCx8j-oUv_ltYQWb47WiqbpmuFk5ul2rf-3kLgkyYpjRw_K10G1qpCbxvP_m3ricaeMTlyxLNOVIgo4jmvgsv2zjv7EkPoYakWksFbyKO6QCr39zRS0ZbnaPpg1xCjyZE95QLaGng-DItEssvomg8Fc7h1buaddySkRMB8Gogxk-0tZmMftZielz01OcQOlClJF32D2HPQ5FEzUEC_1mvYQUqIn5T6Cup_8XMdaQ17dbX7sYynqTI15Yenic3PD2hdM_9Tkzc7Lr4&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0
server: Kestrel
set-cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8PmtOUue1JpDqRIGmtF6GTu1QGzw8uzG11kHpBdOdku9GebBmAqdr3xh-Rbsd1IJElIbMnGA1h1nf_FLLTAvu5gvLxY5Okj0GiqKWdF_89rglEBBolzwUrzOeWtrLdKxFkqll69NXwm_Lw2EUuJvtpS0I-Ob-coU9XIchN0TVwhA-e5EyfI_9jriE0KOj5MUCPpGRJDzIYCoLfVXoIsuexRGxWvx2Y1bqCi4TLTocc44Q6khmcce9b2vDdA1IP-3A_dpUq7Nh2f3Kk3exB4Atag=N; expires=Tue, 07 Feb 2023 23:56:10 GMT; path=/signin-oidc-okta; secure; samesite=none; httponly
.AspNetCore.Correlation.EIqD65s1VuGOxZce_bTX9D3MTtpEAuNpRoMl_1qjvRs=N; expires=Tue, 07 Feb 2023 23:56:10 GMT; path=/signin-oidc-okta; secure; samesite=none; httponly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 22ca7c482674d67f993ad78a40c56e7e
48c2bc5b76618ae1738d2359d29043586cc32ce9
7838d789297f1439d2bc3d1ecebfb7f915b147d77d7c5882bb329ec4d887b284
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:11 GMT
Etag: "63e2024f-1d7"
Server: ECS (amb/6BB0)
Content-Length: 471
identity.ofx.com/oauth2/default/v1/authorize?client_id=secure.ofx.com&redirect_uri=https%3A%2F%2Fglobalcurrencyaccount.ofx.com%2Fsignin-oidc-okta&response_type=code&scope=openid%20profile%20offline_access%20ALLAPI&code_challenge=GF2J4NBydC5Mm3AabJyGiUp8n_lsG-CLpRxILG00mwE&code_challenge_method=S256&response_mode=form_post&nonce=638114100707631440.OTgzMWJhMWMtZGM5OS00MmZlLTllZWQtZTFlN2JkMzdlMWQwMjgxYWY1MWQtMThjOC00ZmFjLTliYTgtYjU5YTQwZjYyOWJj&state=CfDJ8PmtOUue1JpDqRIGmtF6GTtUgoWC8OQIOsbwGF89YBDHlp_9Gtp4VFJwjSuK8HXVRN2bjVrsJmaRXc83xRPtMRQ4a3yBN0tm6MLETSm1-7aJ3E_4dbFlHibfqerv1cG0FTzoOvT4raJCx8j-oUv_ltYQWb47WiqbpmuFk5ul2rf-3kLgkyYpjRw_K10G1qpCbxvP_m3ricaeMTlyxLNOVIgo4jmvgsv2zjv7EkPoYakWksFbyKO6QCr39zRS0ZbnaPpg1xCjyZE95QLaGng-DItEssvomg8Fc7h1buaddySkRMB8Gogxk-0tZmMftZielz01OcQOlClJF32D2HPQ5FEzUEC_1mvYQUqIn5T6Cup_8XMdaQ17dbX7sYynqTI15Yenic3PD2hdM_9Tkzc7Lr4&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0
15.197.181.212200 OK 18 kB URL HTTP/1.1 identity.ofx.com/oauth2/default/v1/authorize?client_id=secure.ofx.com&redirect_uri=https%3A%2F%2Fglobalcurrencyaccount.ofx.com%2Fsignin-oidc-okta&response_type=code&scope=openid%20profile%20offline_access%20ALLAPI&code_challenge=GF2J4NBydC5Mm3AabJyGiUp8n_lsG-CLpRxILG00mwE&code_challenge_method=S256&response_mode=form_post&nonce=638114100707631440.OTgzMWJhMWMtZGM5OS00MmZlLTllZWQtZTFlN2JkMzdlMWQwMjgxYWY1MWQtMThjOC00ZmFjLTliYTgtYjU5YTQwZjYyOWJj&state=CfDJ8PmtOUue1JpDqRIGmtF6GTtUgoWC8OQIOsbwGF89YBDHlp_9Gtp4VFJwjSuK8HXVRN2bjVrsJmaRXc83xRPtMRQ4a3yBN0tm6MLETSm1-7aJ3E_4dbFlHibfqerv1cG0FTzoOvT4raJCx8j-oUv_ltYQWb47WiqbpmuFk5ul2rf-3kLgkyYpjRw_K10G1qpCbxvP_m3ricaeMTlyxLNOVIgo4jmvgsv2zjv7EkPoYakWksFbyKO6QCr39zRS0ZbnaPpg1xCjyZE95QLaGng-DItEssvomg8Fc7h1buaddySkRMB8Gogxk-0tZmMftZielz01OcQOlClJF32D2HPQ5FEzUEC_1mvYQUqIn5T6Cup_8XMdaQ17dbX7sYynqTI15Yenic3PD2hdM_9Tkzc7Lr4&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0
IP 15.197.181.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4475)
Hash e5dca2531b75280a516d9d6f99377839
45b8474e7d24d4dd1290bb8181b41cf1607392ec
97e29dce48aba430d21cf79dac8d8d53e06ad65f4c5b1ebf10c569e84aec48ed
GET /oauth2/default/v1/authorize?client_id=secure.ofx.com&redirect_uri=https%3A%2F%2Fglobalcurrencyaccount.ofx.com%2Fsignin-oidc-okta&response_type=code&scope=openid%20profile%20offline_access%20ALLAPI&code_challenge=GF2J4NBydC5Mm3AabJyGiUp8n_lsG-CLpRxILG00mwE&code_challenge_method=S256&response_mode=form_post&nonce=638114100707631440.OTgzMWJhMWMtZGM5OS00MmZlLTllZWQtZTFlN2JkMzdlMWQwMjgxYWY1MWQtMThjOC00ZmFjLTliYTgtYjU5YTQwZjYyOWJj&state=CfDJ8PmtOUue1JpDqRIGmtF6GTtUgoWC8OQIOsbwGF89YBDHlp_9Gtp4VFJwjSuK8HXVRN2bjVrsJmaRXc83xRPtMRQ4a3yBN0tm6MLETSm1-7aJ3E_4dbFlHibfqerv1cG0FTzoOvT4raJCx8j-oUv_ltYQWb47WiqbpmuFk5ul2rf-3kLgkyYpjRw_K10G1qpCbxvP_m3ricaeMTlyxLNOVIgo4jmvgsv2zjv7EkPoYakWksFbyKO6QCr39zRS0ZbnaPpg1xCjyZE95QLaGng-DItEssvomg8Fc7h1buaddySkRMB8Gogxk-0tZmMftZielz01OcQOlClJF32D2HPQ5FEzUEC_1mvYQUqIn5T6Cup_8XMdaQ17dbX7sYynqTI15Yenic3PD2hdM_9Tkzc7Lr4&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0 HTTP/1.1
Host: identity.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:11 GMT
Server: nginx
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
x-okta-request-id: Y-Lhl9A2mBdopIX5avu8dQAACd4
x-xss-protection: 0
p3p: CP="HONK"
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1675813331
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
referrer-policy: no-referrer
cache-control: no-cache, no-store
pragma: no-cache
expires: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-ua-compatible: IE=edge
content-language: en
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-Robots-Tag: noindex,nofollow
Content-Encoding: gzip
set-cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
JSESSIONID=BF0F26AFAB73EAB7D8C49E50E388D229; Path=/; Secure; HttpOnly
t=default; Path=/
DT=DI1Bc_rYB4eRlSUKOHUnNh9eg;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Thu, 06 Feb 2025 23:41:11 GMT;HttpOnly;SameSite=None
sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
t=default; Path=/
DT=DI1Bc_rYB4eRlSUKOHUnNh9eg;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Thu, 06 Feb 2025 23:41:11 GMT;HttpOnly;SameSite=None
sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
cdn.jsdelivr.net/npm/uuid@8.3.2/dist/umd/uuidv4.min.js
151.101.129.229200 OK 669 B URL HTTP/2 cdn.jsdelivr.net/npm/uuid@8.3.2/dist/umd/uuidv4.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (1366), with no line terminators
Hash 410a517cf9f3478998f3b01bbcb6fdc9
f3374770c11535a58ef6ac7ff44fea0c2e6f9d35
37ffa90fc1782840938551dbc7a8366efa13f68af2c289e68765a89d8d1c3e48
GET /npm/uuid@8.3.2/dist/umd/uuidv4.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 8.3.2
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Feb 2023 23:41:11 GMT
age: 682362
x-served-by: cache-fra-eddf8230117-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 669
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/whatwg-fetch@3.6.2/dist/fetch.umd.min.js
151.101.129.229200 OK 3.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/whatwg-fetch@3.6.2/dist/fetch.umd.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (9371)
Hash dc41db3e4f198e60ee3e7ff7326a1780
67809d92bfd1ef2c5a2a62b28938836e92c99084
58601f7a7c22519093736e6ac007ec2a1f4107a3acfd8659a9f9c65f2a938e8d
GET /npm/whatwg-fetch@3.6.2/dist/fetch.umd.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.6.2
x-jsd-version-type: version
etag: W/"25e9-zcVmEEmMDMb0e9E5b4uSxESNjNU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Feb 2023 23:41:11 GMT
age: 2941279
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3450
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/promise-polyfill@8.2.0/dist/polyfill.min.js
151.101.129.229200 OK 1.4 kB URL HTTP/2 cdn.jsdelivr.net/npm/promise-polyfill@8.2.0/dist/polyfill.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (3872)
Hash ec3502366295424aff214fc9ec4ccd90
48901ed3344bd0d35534e6d62cf12e2234b0590b
46e0e9825647abd3bc6ce0c583029937f541a7841338845e29e15ee75f0cc822
GET /npm/promise-polyfill@8.2.0/dist/polyfill.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 8.2.0
x-jsd-version-type: version
etag: W/"f21-7y8qDdUZ0tHOjRWwA1LCbmu2V2I"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Feb 2023 23:41:11 GMT
age: 1887628
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 57367abddf841d488a0a08284d1f2d85
aa88011bd078829268784075bf0948e82d4313eb
8733eb218f24d33d215806f961dafd78a5605d699dc4726b241bb45482b276f7
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:11 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "17DD57EB4C67AED8C63858506C6A3EFB36F2E64B"
Expires: Wed, 08 Feb 2023 11:00:00 GMT
Last-Modified: Tue, 07 Feb 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1731
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795ff995ac9c0b51-OSL
www.googletagmanager.com/gtm.js?id=GTM-KSMXT6
172.217.21.168200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KSMXT6
IP 172.217.21.168:0
File type ASCII text, with very long lines (51040)
Hash 7f9e3ea09fc5528f1fd4c5035cb3f2bf
32e4d66ec6b2108ac1474df05f64cd7ed36153a5
7c9732d825ce98c421338b35f6f742c061a496259ad1d1a30e871c105dbc36ba
GET /gtm.js?id=GTM-KSMXT6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 23:41:11 GMT
expires: Tue, 07 Feb 2023 23:41:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Feb 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70296
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 08b08d5d725e53ecddee874580bf9b9c
cfd37af4f20a5e2f98b83e4a8d03d17f603b5351
12fb7c5d1f86a5b2de7f1678b9502c6d02f20da54ac893a078751f5eb31cce0e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 23:41:11 GMT
Last-Modified: Tue, 07 Feb 2023 22:04:32 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TS4rx35ScsR8x6N1J0gx6U9i1gEYofECylDTH6C3gI8pglOb_Wz3tA==
Age: 5799
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 08b08d5d725e53ecddee874580bf9b9c
cfd37af4f20a5e2f98b83e4a8d03d17f603b5351
12fb7c5d1f86a5b2de7f1678b9502c6d02f20da54ac893a078751f5eb31cce0e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116733
Date: Tue, 07 Feb 2023 23:41:11 GMT
Etag: "63e1f5cc-1d7"
Expires: Thu, 09 Feb 2023 08:06:44 GMT
Last-Modified: Tue, 07 Feb 2023 06:55:08 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ThC7_uYGZZ-8Wle0iBeiTZlaC_8KS9u2Q1hULiwzpcGVd_hnpM8baw==
Age: 4296
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 08b08d5d725e53ecddee874580bf9b9c
cfd37af4f20a5e2f98b83e4a8d03d17f603b5351
12fb7c5d1f86a5b2de7f1678b9502c6d02f20da54ac893a078751f5eb31cce0e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 23:41:11 GMT
Etag: "63e1f5cc-1d7"
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6Rk4dTjh3lkgK_GJ675MOs4zmonB2FjXFwMJF4QDFDBAulouaSCSWg==
login-resources.prd.aws.ofx.com/styles/fonts/ciutadella_rounded_regular-webfont.woff2
54.230.111.27200 OK 29 kB URL HTTP/2 login-resources.prd.aws.ofx.com/styles/fonts/ciutadella_rounded_regular-webfont.woff2
IP 54.230.111.27:0
File type Web Open Font Format (Version 2), TrueType, length 29024, version 1.0\012- data
Hash 6cb3091a7e215e21243293660f428308
47596f0c0f0e8ba5ee8d416c4022ddcd5f317ef7
49cc3134e21c01d1e278a043c8312bdf66dd51945b90b3cf4fcf90acef12a3f0
GET /styles/fonts/ciutadella_rounded_regular-webfont.woff2 HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://identity.ofx.com
Connection: keep-alive
Referer: https://login-resources.prd.aws.ofx.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 29024
access-control-allow-origin: https://identity.ofx.com
access-control-allow-methods: HEAD, GET
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Mon, 06 Feb 2023 02:59:29 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 Feb 2023 08:15:12 GMT
etag: "6cb3091a7e215e21243293660f428308"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3HEGhsW2t38DLNO3lIpG_ZLHvAKtjmQdc0uEpIeh1JbqYmnYTC2ZYw==
age: 55561
X-Firefox-Spdy: h2
login-resources.prd.aws.ofx.com/styles/background.png
54.230.111.27200 OK 22 kB URL HTTP/2 login-resources.prd.aws.ofx.com/styles/background.png
IP 54.230.111.27:0
File type PNG image data, 2000 x 700, 8-bit/color RGBA, non-interlaced\012- data
Hash bb7b58b8aaa90d05926b8eafdb08ce4a
50a5af4affe8c83ac9a5d1b7b78cde88c619f92a
22e63f3ce15d4f5591191b77d8afa656ac3fc086db382bf0929cdd17633ad410
GET /styles/background.png HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://login-resources.prd.aws.ofx.com/styles/ofx-global-min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 22476
last-modified: Mon, 06 Feb 2023 02:59:28 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 Feb 2023 08:10:19 GMT
etag: "bb7b58b8aaa90d05926b8eafdb08ce4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XHul2XDZfGbOOC0Ld5jPwQ4LN9WeL55lP06vbn_54dHPNRMq1R54yw==
age: 55854
X-Firefox-Spdy: h2
login-resources.prd.aws.ofx.com/styles/favicon.ico
54.230.111.27200 OK 1.2 kB URL HTTP/2 login-resources.prd.aws.ofx.com/styles/favicon.ico
IP 54.230.111.27:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b1b20a11e2ad457054c1d69ea4edfc56
1b8e39b39d150d3d151b09670baca09e46ccd5ae
23863b0f46a0cfc950ac22fab01bc36cf71efc7ed6691d4504ef02d411a085bb
GET /styles/favicon.ico HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 1150
date: Tue, 07 Feb 2023 09:01:45 GMT
last-modified: Mon, 06 Feb 2023 02:59:28 GMT
etag: "b1b20a11e2ad457054c1d69ea4edfc56"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YBzR-G6teTEBicKZXNr4XQm6usUeAhXBdc2JJs0Y0N0V4lEW_cuFkQ==
age: 52767
X-Firefox-Spdy: h2
ok11static.oktacdn.com/assets/img/logos/okta-logo.1e146cad5713da744492be95eb0f7793.png
54.230.111.55200 OK 3.4 kB URL HTTP/2 ok11static.oktacdn.com/assets/img/logos/okta-logo.1e146cad5713da744492be95eb0f7793.png
IP 54.230.111.55:0
File type PNG image data, 220 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e146cad5713da744492be95eb0f7793
a63f3b3e20b6023ff0d492b3f759b35b7741dea6
4146f4c2384967dede1db1dae2da81c246d3d50228056bc0bb842e2ae868e13a
GET /assets/img/logos/okta-logo.1e146cad5713da744492be95eb0f7793.png HTTP/1.1
Host: ok11static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3422
date: Sat, 21 Jan 2023 03:03:35 GMT
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
last-modified: Tue, 24 May 2022 22:12:12 GMT
etag: "1e146cad5713da744492be95eb0f7793"
expires: Sun, 21 Jan 2024 03:03:35 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _6vGIGiY1Ni7SRy3vJQAln_JwmqGB_mwxXnXk9FI4lQArGkGSMqHxw==
age: 1543057
X-Firefox-Spdy: h2
login-resources.prd.aws.ofx.com/styles/fonts/ofx-icons.woff2
54.230.111.27200 OK 7.2 kB URL HTTP/2 login-resources.prd.aws.ofx.com/styles/fonts/ofx-icons.woff2
IP 54.230.111.27:0
File type Web Open Font Format (Version 2), TrueType, length 7160, version 1.0\012- data
Hash 1f1709d0b877693202b9efe8f0930185
b3423369d3b5473b94e400d91a836938e8076ab7
a7680036cb49e8b1676eb6e4014ed5d119cd1957ea44de318ce3aa10b89a7815
GET /styles/fonts/ofx-icons.woff2 HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://identity.ofx.com
Connection: keep-alive
Referer: https://login-resources.prd.aws.ofx.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 7160
date: Tue, 07 Feb 2023 07:48:29 GMT
access-control-allow-origin: https://identity.ofx.com
access-control-allow-methods: HEAD, GET
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Mon, 06 Feb 2023 02:59:29 GMT
etag: "1f1709d0b877693202b9efe8f0930185"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wwjFDFDkOrDzPggwbucJapnkL3vQus40lkFu7hstdTIzZfM0x4f5lQ==
age: 57164
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1190
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:12 GMT
Last-Modified: Tue, 07 Feb 2023 23:21:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e29b3c40e1c3b85eed9452ed059ab820
86f02de932e2f3a7143c9bc3837b2eac2a0d1fe6
615b1ed256fbf8be5a6a8548f7edb16ee0567f28a6cc7adf9fe8a870e521da0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6219
Cache-Control: max-age=116506
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:12 GMT
Etag: "63e1ed68-118"
Expires: Thu, 09 Feb 2023 08:02:58 GMT
Last-Modified: Tue, 07 Feb 2023 06:19:20 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ok11static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.b9908ad85db754927edb4618cf7ae383.js
54.230.111.55200 OK 81 kB URL HTTP/2 ok11static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.b9908ad85db754927edb4618cf7ae383.js
IP 54.230.111.55:0
Hash 98fc3e843574c1da6a95b38c2e4fc0ba
1799543fcdb81ccd26d66b2a52628bb138bfae7f
ff6929b90c75a0365255667262ab9b75fddf6c97a47f13c0bcb28c41f9603c78
GET /assets/js/mvc/loginpage/initLoginPage.pack.b9908ad85db754927edb4618cf7ae383.js HTTP/1.1
Host: ok11static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 21 Jan 2023 05:01:02 GMT
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
last-modified: Wed, 14 Dec 2022 02:28:37 GMT
etag: W/"b9908ad85db754927edb4618cf7ae383"
x-amz-meta-sha1sum: d3e7483f61decf0f992791f713d04bfcbe916136
expires: Sun, 21 Jan 2024 05:01:02 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: syvYaW7ZtBm1hDa8c-I-8xebIVK3WQE7K5i9PkA4q0hy47j8y7NhrQ==
age: 1536010
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=GTM-KP54WTG
142.250.74.46200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-KP54WTG
IP 142.250.74.46:0
File type ASCII text, with very long lines (1759)
Hash f63e2f56a9aecac3c37e40bd0e1f3edf
3b06751768319cf6a5a9371c0346af81ee96e8e3
86d3ce091189fb013065c49fbd00cee6eff9252d8fe8f34dc01740959ae725d9
GET /gtm/optimize.js?id=GTM-KP54WTG HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 23:41:12 GMT
expires: Tue, 07 Feb 2023 23:41:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Feb 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 8.4 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (25592)
Hash e248bb3ed9070ee48f0b5bc674e6a49d
46a6ac373399405df390e910c580cf850dce9886
74fd866eaf62b63cec2b85eadf2245e9302107f4c8fabc25f9c3e5cd49f40a6b
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:12 GMT
content-type: application/javascript
content-length: 8384
content-encoding: gzip
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
last-modified: Mon, 06 Feb 2023 21:14:10 GMT
etag: 0x8DB08871727C056
x-ms-request-id: 44eab864-901e-0094-0188-3ab828000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 18157
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff99a29e81c0a-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1190
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:12 GMT
Last-Modified: Tue, 07 Feb 2023 23:21:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0.json
104.16.148.64200 OK 1.6 kB URL HTTP/2 cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (4175), with no line terminators
Hash 6a6111410c5be03cf811ba202b3206cb
c70b7004bc5a520b6a2084d19b9e502e22f33445
33c549d046411506ecb17e9f5c7aed429148a3fa2cec7625858a0fafdcace1ea
GET /consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:12 GMT
content-type: application/x-javascript
content-length: 1563
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: amERQQxb4Dz4EbogKzIGyw==
last-modified: Fri, 25 Feb 2022 00:37:46 GMT
etag: 0x8D9F7F70AD9550A
x-ms-request-id: 93c211dc-901e-0175-170e-2a1908000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 26229
expires: Wed, 08 Feb 2023 23:41:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff99abdc1fab4-OSL
X-Firefox-Spdy: h2
identity.ofx.com/api/v1/authn/introspect
15.197.181.212200 OK 852 B URL HTTP/1.1 identity.ofx.com/api/v1/authn/introspect
IP 15.197.181.212:0
File type JSON data\012- , ASCII text, with very long lines (1292), with no line terminators
Hash 35888b8bcdf4cf54f88b91b235331f1f
89b5d3f009f31801bc3c88d82c3d11e2a462f423
f86c1cc1279eee0d3ac137e3bd0312cc3651c85f0a1b74cb933a0d4165c8d472
POST /api/v1/authn/introspect HTTP/1.1
Host: identity.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Okta-User-Agent-Extended: okta-auth-js/5.8.0 okta-signin-widget-5.16.1
Origin: https://identity.ofx.com
Content-Length: 59
Connection: keep-alive
Cookie: JSESSIONID=BF0F26AFAB73EAB7D8C49E50E388D229; t=default; DT=DI1Bc_rYB4eRlSUKOHUnNh9eg; _gcl_au=1.1.476422649.1675813324
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:12 GMT
Server: nginx
Content-Type: application/json
Vary: Accept-Encoding,Origin
x-okta-request-id: Y-LhmNA2mBdopIX5avu8ewAACd4
x-xss-protection: 0
p3p: CP="HONK"
content-security-policy-report-only: default-src 'self' ofx-external.okta.com identity.ofx.com *.oktacdn.com; connect-src 'self' ofx-external.okta.com ofx-external-admin.okta.com identity.ofx.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com ofx-external.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' ofx-external.okta.com identity.ofx.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ofx-external.okta.com identity.ofx.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' ofx-external.okta.com ofx-external-admin.okta.com identity.ofx.com login.okta.com; img-src 'self' ofx-external.okta.com identity.ofx.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' ofx-external.okta.com identity.ofx.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/reportOnly; report-to csp
content-security-policy: frame-ancestors 'self'
x-rate-limit-limit: 600
x-rate-limit-remaining: 598
x-rate-limit-reset: 1675813294
access-control-allow-origin: https://identity.ofx.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cache-control: no-cache, no-store
pragma: no-cache
expires: 0
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
x-content-type-options: nosniff
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Encoding: gzip
set-cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
JSESSIONID=17D7B8FCDD4F26974794A1EDD1A3870B; Path=/; Secure; HttpOnly
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d286fc8b6547d9e27ae9dd77abbc3cf7
131c08a8c94269be62ff98b0399845d8d6d88d7a
61ac23297d444db1c94330a592206a853a53e738ce08e4f4293d4a682fbd1003
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Last-Modified: Tue, 07 Feb 2023 23:16:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
login.okta.com/discovery/iframe.html
54.230.111.25200 OK 451 B URL HTTP/1.1 login.okta.com/discovery/iframe.html
IP 54.230.111.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (451), with no line terminators
Hash 5aec8e4a09ca9e4429869adb7327d7a6
483f0e0ed87a6c44b934b6bd4271e45f396d15b2
d67465594c9edbd86287217a45088a591c8a8999b1961918bf29027a7a6cb4e8
GET /discovery/iframe.html HTTP/1.1
Host: login.okta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 451
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 16:48:04 GMT
Server: AmazonS3
Date: Tue, 07 Feb 2023 20:10:43 GMT
ETag: "5aec8e4a09ca9e4429869adb7327d7a6"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F4rz7A4SIDLz6_Erk4LjjGFOdpc7Jqba1s2--9ID8Dkk0ILEqZQrKg==
Age: 12636
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR4C9L8X2C&cid=307737041.1675813325>m=45je3260&aip=1&z=61865045
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR4C9L8X2C&cid=307737041.1675813325>m=45je3260&aip=1&z=61865045
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR4C9L8X2C&cid=307737041.1675813325>m=45je3260&aip=1&z=61865045 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TFB8GGR3P6&cid=307737041.1675813325>m=45je3260&aip=1&z=821847188
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TFB8GGR3P6&cid=307737041.1675813325>m=45je3260&aip=1&z=821847188
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TFB8GGR3P6&cid=307737041.1675813325>m=45je3260&aip=1&z=821847188 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYPB30L58Z&cid=307737041.1675813325>m=45je3260&aip=1&z=264919645
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYPB30L58Z&cid=307737041.1675813325>m=45je3260&aip=1&z=264919645
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYPB30L58Z&cid=307737041.1675813325>m=45je3260&aip=1&z=264919645 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4136f4fefcaa6c9199641722cbf9af3
f0be6cd9808dd77f6d4b914fa9644eccd1ed0266
9469a07e40c6f871b88a2d279d432156d2bce30e7346b76492361caae890b088
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 662
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Last-Modified: Tue, 07 Feb 2023 23:30:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
188.114.98.234200 OK 22 kB URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 188.114.98.234:0
Hash 4babf9b8f6a9419498217e3ba831d023
5635cd6dbc7df5859237819d593be6770a5831a5
86feee8be4a6fa620d1f696eb0c96719ccff2b5db8cc2486e0fef851f13b4d47
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 795ff99daf01b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c1d97dc43809bec97201f9cb1ac1502f
b581da336a33c1703aad5697997adac988150abe
b24077a0e5fda860ffed485b8e72868d2106224fa9f4ae604c9fee3ffbf31917
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B24077A0E5FDA860FFED485B8E72868D2106224FA9F4AE604C9FEE3FFBF31917"
Last-Modified: Sun, 05 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 05:41:13 GMT
Date: Tue, 07 Feb 2023 23:41:13 GMT
Connection: keep-alive
go.message.ofx.com/pd.js
18.208.125.13200 OK 1.9 kB IP 18.208.125.13:0
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: go.message.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.476422649.1675813324
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:13 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Tue, 07 Feb 2023 05:29:23 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Thu, 06 Feb 2025 23:41:13 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
region1.analytics.google.com/g/collect?v=2&tid=G-QR4C9L8X2C>m=45je3260&_p=222072131&_gaz=1&cid=307737041.1675813325&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675813324&sct=1&seg=0&dl=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1&dt=Log%20in%20to%20OFX&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-QR4C9L8X2C>m=45je3260&_p=222072131&_gaz=1&cid=307737041.1675813325&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675813324&sct=1&seg=0&dl=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1&dt=Log%20in%20to%20OFX&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-QR4C9L8X2C>m=45je3260&_p=222072131&_gaz=1&cid=307737041.1675813325&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675813324&sct=1&seg=0&dl=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1&dt=Log%20in%20to%20OFX&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2217750-36&cid=307737041.1675813325&jid=421649834&gjid=868951292&_gid=1359225078.1675813325&_u=YCDAiEABRAAAAEAAI~&z=1306298949
142.250.150.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2217750-36&cid=307737041.1675813325&jid=421649834&gjid=868951292&_gid=1359225078.1675813325&_u=YCDAiEABRAAAAEAAI~&z=1306298949
IP 142.250.150.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-2217750-36&cid=307737041.1675813325&jid=421649834&gjid=868951292&_gid=1359225078.1675813325&_u=YCDAiEABRAAAAEAAI~&z=1306298949 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://identity.ofx.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-QR4C9L8X2C&cid=307737041.1675813325>m=45je3260&aip=1
142.250.150.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-QR4C9L8X2C&cid=307737041.1675813325>m=45je3260&aip=1
IP 142.250.150.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-QR4C9L8X2C&cid=307737041.1675813325>m=45je3260&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ok11static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
54.230.111.55200 OK 654 B URL HTTP/2 ok11static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
IP 54.230.111.55:0
File type ASCII text, with very long lines (1820)
Hash c07db171228549185b2da9f043a38ca7
9e1cd6da1bf511f24e239aebd9e20268796e7119
92e7f49714c4153fc8c28d5e0fae2d1aea656810cedd7e785803287fd893c951
GET /assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css HTTP/1.1
Host: ok11static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Fri, 27 Jan 2023 02:53:20 GMT
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
last-modified: Tue, 22 Mar 2022 23:52:17 GMT
etag: W/"241e0fb439244dc50c5929c0513a6765"
expires: Sat, 27 Jan 2024 02:53:20 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VNiUK06aLFlvlon47PIAQOTRYuzmlUz504m0PkhvbACXUcNg5G_K-g==
age: 1025271
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-EYPB30L58Z>m=45je3260&_p=222072131&_gaz=1&cid=307737041.1675813325&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&sid=1675813324&sct=1&seg=0&dl=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1&dt=Log%20in%20to%20OFX&en=page_view&_fv=1&_ss=2&ep.clean_url=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-EYPB30L58Z>m=45je3260&_p=222072131&_gaz=1&cid=307737041.1675813325&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&sid=1675813324&sct=1&seg=0&dl=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1&dt=Log%20in%20to%20OFX&en=page_view&_fv=1&_ss=2&ep.clean_url=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EYPB30L58Z>m=45je3260&_p=222072131&_gaz=1&cid=307737041.1675813325&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&sid=1675813324&sct=1&seg=0&dl=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1&dt=Log%20in%20to%20OFX&en=page_view&_fv=1&_ss=2&ep.clean_url=https%3A%2F%2Fidentity.ofx.com%2Fsignin%2Frefresh-auth-state%2F008RbDzMFg9cbMjBa_638GmVxz260yVKXVFKcp5rK1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: null
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js
104.16.148.64200 OK 81 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.30.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65455)
Hash e6813eb7e75a1c20a676c5d866763da1
e4c175f741b037b1fa00225abc177b8ad81bea97
0fb6dfe4e87e1b559c983d385f25199367f47484501b85c36f00cf14c6fb0c0f
GET /scripttemplates/6.30.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: application/javascript
content-length: 80901
content-encoding: gzip
content-md5: 5oE+t+daHCCmdsXYZnY9oQ==
last-modified: Mon, 31 Jan 2022 17:10:47 GMT
etag: 0x8D9E4DC9FB57A81
x-ms-request-id: 1630470e-d01e-0098-7bda-1656d9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 78291
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff99f3c671c0a-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-TFB8GGR3P6&cid=307737041.1675813325>m=45je3260&aip=1
142.250.150.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-TFB8GGR3P6&cid=307737041.1675813325>m=45je3260&aip=1
IP 142.250.150.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-TFB8GGR3P6&cid=307737041.1675813325>m=45je3260&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: null
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/5e1eab3a-405c-479c-b66b-41d6e68867ba/en.json
104.16.148.64200 OK 17 kB URL HTTP/2 cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/5e1eab3a-405c-479c-b66b-41d6e68867ba/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65480), with no line terminators
Hash 9f0c46c8bafd70e52056dcff5ea6ab07
990a262e3794928248952a931e950c81ec5bd083
42f169069a060321e93effbeee1c2c05818de99eca05d6d4f8d0bd8c7751a635
GET /consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/5e1eab3a-405c-479c-b66b-41d6e68867ba/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: application/x-javascript
content-length: 16980
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: nwxGyLr9cOUgVtz/XqarBw==
last-modified: Fri, 25 Feb 2022 00:37:56 GMT
etag: 0x8D9F7F710E510F9
x-ms-request-id: 63cad217-701e-0016-31e9-291978000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Wed, 08 Feb 2023 23:41:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff99fbf6bfab4-OSL
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1747207864;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fidentity.ofx.com%2F;uht=2;fpan=1;fpa=P0-1673306359-1675813324972;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=ofx.com;dst=0;et=1675813325236;tzo=0;ogl=;ses=b29fb442-54e6-404c-825d-fe981db24e86
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1747207864;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fidentity.ofx.com%2F;uht=2;fpan=1;fpa=P0-1673306359-1675813324972;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=ofx.com;dst=0;et=1675813325236;tzo=0;ogl=;ses=b29fb442-54e6-404c-825d-fe981db24e86
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1747207864;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fidentity.ofx.com%2F;uht=2;fpan=1;fpa=P0-1673306359-1675813324972;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=ofx.com;dst=0;et=1675813325236;tzo=0;ogl=;ses=b29fb442-54e6-404c-825d-fe981db24e86 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63e2e199-af6d7-f71d6-c8e67; expires=Sat, 09-Mar-2024 23:41:13 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/otPcPanel.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/otPcPanel.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (38688)
Hash ad65d6f0802ec8a350ad0545b06a5eea
fc82bb56111393c4d76f2ace8fd2e882a01b68c5
5b7f9fb8baadd9ce3295b3221e6f2aa9ed196f2f3cf33c460b0ae4b1e64824d5
GET /scripttemplates/6.30.0/assets/v2/otPcPanel.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: application/json
content-length: 11467
content-encoding: gzip
content-md5: rWXW8IAuyKNQrQVFsGpe6g==
last-modified: Mon, 31 Jan 2022 17:10:40 GMT
etag: 0x8D9E4DC9BD681A2
x-ms-request-id: 78c243fc-b01e-0022-5317-29b6d0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff9a0cfb1fab4-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.30.0/assets/otFloatingRounded.json
104.16.148.64200 OK 2.6 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.30.0/assets/otFloatingRounded.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (7980)
Hash f110b3439032f5db11c4e84e363e59d1
2c58ce10fdc867b82fa17690c0e0d381120e0f82
e475eb42b73409e879585dae0b42e4709abfc71bd99cd54b125be7b83e2d5ab3
GET /scripttemplates/6.30.0/assets/otFloatingRounded.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: application/json
content-length: 2588
content-encoding: gzip
content-md5: 8RCzQ5Ay9dsRxOhONj5Z0Q==
last-modified: Mon, 31 Jan 2022 17:10:38 GMT
etag: 0x8D9E4DC9A2C1ACD
x-ms-request-id: b2edfde3-b01e-00a1-4a26-38167d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff9a0cfb0fab4-OSL
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2217750-36&cid=307737041.1675813325&jid=421649834&_u=YCDAiEABRAAAAEAAI~&z=175179
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2217750-36&cid=307737041.1675813325&jid=421649834&_u=YCDAiEABRAAAAEAAI~&z=175179
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-2217750-36&cid=307737041.1675813325&jid=421649834&_u=YCDAiEABRAAAAEAAI~&z=175179 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 23:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.message.ofx.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=252972&title=Log%20in%20to%20OFX&url=https%3A%2F%2Fidentity.ofx.com%2F&referrer=
18.208.125.13200 OK 550 B URL HTTP/1.1 go.message.ofx.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=252972&title=Log%20in%20to%20OFX&url=https%3A%2F%2Fidentity.ofx.com%2F&referrer=
IP 18.208.125.13:0
Hash 3a4826f010bc63e181616cc82c620830
614d7f54c1aca5fbf105b063243c742278d64ccf
f51589af13165bd86f96f70b660325eedb2997eea514091c5972fc809ddefcce
GET /analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=252972&title=Log%20in%20to%20OFX&url=https%3A%2F%2Fidentity.ofx.com%2F&referrer= HTTP/1.1
Host: go.message.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.476422649.1675813324; _ga_QR4C9L8X2C=GS1.1.1675813324.1.0.1675813324.60.0.0; _ga=GA1.2.307737041.1675813325; _ga_EYPB30L58Z=GS1.1.1675813324.1.0.1675813324.60.0.0; _ga_TFB8GGR3P6=GS1.1.1675813324.1.0.1675813324.60.0.0; _gid=GA1.2.1359225078.1675813325; _dc_gtm_UA-2217750-36=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 550
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
visitor_id251972=708580132; expires=Fri, 04-Feb-2033 23:41:13 GMT; Max-Age=315359999; path=/; secure; SameSite=None
visitor_id251972-hash=89287c45ab90fa2cdfe8beec9b6fc5efb99368f4d18533f0151bd8143052309a2a84e5527e585e7611df45b83db170f8c3cc286b; expires=Fri, 04-Feb-2033 23:41:13 GMT; Max-Age=315359999; path=/; secure; SameSite=None
lpv251972=aHR0cHM6Ly9pZGVudGl0eS5vZnguY29tLw%3D%3D; expires=Wed, 08-Feb-2023 00:11:14 GMT; Max-Age=1800; path=/; secure; SameSite=None
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d70f35f46e6ec90f33422e9648cba0e
df889b7f3bbb31b777a835d72f8d0e0ee60a7c01
9f4f79c9cf83c11d03e158bc0cdc8a6fe97e41c57648e8e7cf8ecc50c0fe530b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=106627
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:14 GMT
Etag: "63e1d575-1d7"
Expires: Thu, 09 Feb 2023 05:18:21 GMT
Last-Modified: Tue, 07 Feb 2023 04:37:09 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471
pi.pardot.com/analytics?conly=true&visitor_id=708580132&visitor_id_sign=89287c45ab90fa2cdfe8beec9b6fc5efb99368f4d18533f0151bd8143052309a2a84e5527e585e7611df45b83db170f8c3cc286b&pi_opt_in=&campaign_id=49059&account_id=252972&title=Log%20in%20to%20OFX&url=https%3A%2F%2Fidentity.ofx.com%2F&referrer=
3.92.120.28200 OK 50 B URL HTTP/1.1 pi.pardot.com/analytics?conly=true&visitor_id=708580132&visitor_id_sign=89287c45ab90fa2cdfe8beec9b6fc5efb99368f4d18533f0151bd8143052309a2a84e5527e585e7611df45b83db170f8c3cc286b&pi_opt_in=&campaign_id=49059&account_id=252972&title=Log%20in%20to%20OFX&url=https%3A%2F%2Fidentity.ofx.com%2F&referrer=
IP 3.92.120.28:0
Hash 6b8e0bfbea5feca6911b8e14e1921e9d
ea3e8e6051154a2a83278000909577c7c6e013fa
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
GET /analytics?conly=true&visitor_id=708580132&visitor_id_sign=89287c45ab90fa2cdfe8beec9b6fc5efb99368f4d18533f0151bd8143052309a2a84e5527e585e7611df45b83db170f8c3cc286b&pi_opt_in=&campaign_id=49059&account_id=252972&title=Log%20in%20to%20OFX&url=https%3A%2F%2Fidentity.ofx.com%2F&referrer= HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
visitor_id251972=708580132; expires=Fri, 04-Feb-2033 23:41:14 GMT; Max-Age=315360000; path=/; domain=.pardot.com; secure; SameSite=None
visitor_id251972-hash=89287c45ab90fa2cdfe8beec9b6fc5efb99368f4d18533f0151bd8143052309a2a84e5527e585e7611df45b83db170f8c3cc286b; expires=Fri, 04-Feb-2033 23:41:14 GMT; Max-Age=315360000; path=/; domain=.pardot.com; secure; SameSite=None
vary: User-Agent
Server: PardotServer
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 1d6a950ca0ba8ff1d825e8e24fff1556
fde012ef17892541efd5a8d4f40ce2552508f83f
1726f113bf7969d56488992de3b66a42c399f1f2e371b4733ee3fbfbb55088d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152384
Date: Tue, 07 Feb 2023 23:41:15 GMT
Etag: "63e291db-1d7"
Expires: Thu, 09 Feb 2023 18:00:59 GMT
Last-Modified: Tue, 07 Feb 2023 18:00:59 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Cw9591ZELkkDJ52IcqOr3LM1JaxGy8nkxAI7TVBcmshPc7gqTqC7cg==
www.cdn-net.com/cc.js?sid=e27737f5fb243f07&ts=1675813323720&tid=52bb5c9f-6041-4518-b8f8-ac883e05d077
54.230.111.83200 39 kB URL HTTP/1.1 www.cdn-net.com/cc.js?sid=e27737f5fb243f07&ts=1675813323720&tid=52bb5c9f-6041-4518-b8f8-ac883e05d077
IP 54.230.111.83:0
File type ASCII text, with very long lines (4672)
Hash 1e4d57885484ed5e0c9d1bb1b9a5bad1
83a80b7825031f74e93fab9dfa6e761dd7dc17f8
bd1a6625ab5a36f1debb5c4a9eb2ac905aa8acb4049cbdbce7df8807d65dff47
GET /cc.js?sid=e27737f5fb243f07&ts=1675813323720&tid=52bb5c9f-6041-4518-b8f8-ac883e05d077 HTTP/1.1
Host: www.cdn-net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Type: application/javascript
Content-Length: 38795
Connection: keep-alive
Server: openresty/1.11.2.3
Date: Tue, 07 Feb 2023 23:41:15 GMT
Set-Cookie: _cc-x=YjBhMWIyNWItZTVkMC00YjViLWE1YTktYTRiMWE4OWZiYjkwOjE2NzU4MTMyNzU0NzQ; Max-Age=15552000; Expires=Sun, 06-Aug-2023 23:41:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
X-IA-Request-ID: a41b1eb120a74a7b5945afc0ec9ff733
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UjT7NYMAPk1pK1Vf0EUBe-m-IlX_xoUUPnqP2ttXy4TdokCqPVXcyg==
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7a6b6cd884e499b90b3c3906333764f6
65ab9a4b48f3e5bda3d3f8fa66d3df88bfc44dee
60f7a7cac1d300ef40f4480043fa869de2d5df7729bc6999e75da5f93a29e265
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 23:28:50 GMT
Expires: Sat, 11 Feb 2023 23:28:49 GMT
Etag: "65ab9a4b48f3e5bda3d3f8fa66d3df88bfc44dee"
Cache-Control: max-age=344253,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795ff9ad5ad7b505-OSL
six.cdn-net.com/6.js
35.190.2.11200 OK 1.0 kB IP 35.190.2.11:0
File type ASCII text, with very long lines (1039), with no line terminators
Hash 802f71e446b4090c7004a49d47111779
12e89c442b72e0f9e17f497b68af1f6179c344ac
e468476a664948a67bb2f8f2126726871b8cc8309fbc2641efd9d68acbcf4c15
GET /6.js HTTP/1.1
Host: six.cdn-net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, max-age=0
content-type: application/javascript
pragma: no-cache
date: Tue, 07 Feb 2023 23:41:15 GMT
content-length: 1039
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7a6b6cd884e499b90b3c3906333764f6
65ab9a4b48f3e5bda3d3f8fa66d3df88bfc44dee
60f7a7cac1d300ef40f4480043fa869de2d5df7729bc6999e75da5f93a29e265
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:41:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 23:28:50 GMT
Expires: Sat, 11 Feb 2023 23:28:49 GMT
Etag: "65ab9a4b48f3e5bda3d3f8fa66d3df88bfc44dee"
Cache-Control: max-age=344252,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795ff9af1c08b505-OSL
www.cdn-net.com/et.js
54.230.111.83200 98 B IP 54.230.111.83:0
File type ASCII text, with no line terminators
Hash 98a8f0cd22b85a7751f6a11b13cb4f64
3eb5107578fb3aece72cd4e6dae0830ad298c914
bf93c9eff59991eed23ca7b13254b195bd93ac1dfc27f4855aca2511bd9e2df8
GET /et.js HTTP/1.1
Host: www.cdn-net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _cc-x=YjBhMWIyNWItZTVkMC00YjViLWE1YTktYTRiMWE4OWZiYjkwOjE2NzU4MTMyNzU0NzQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Type: application/javascript
Content-Length: 98
Connection: keep-alive
Server: openresty/1.11.2.3
Date: Tue, 07 Feb 2023 23:41:16 GMT
ETag: "YWQwNDA4YjItNThkNy00YWQwLTk0MWQtYmU3YWRlZjljYWU1OjE2NzU4MTMyNzYwNzA"
Cache-Control: public, max-age=31536000
X-IA-Request-ID: 5fb5237f8b729b6a6dc8665adb35890c
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R0xXqWW0akI8DAHflifRCTkseSy7clQLbMOWy7DTllvplgpMUG56xA==
www.cdn-net.com/s2?t=AbFmcimSnXmC7zsl2qj0Z5p9&x=1&sid=e27737f5fb243f07&tid=52bb5c9f-6041-4518-b8f8-ac883e05d077
54.230.111.83200 35 B URL HTTP/1.1 www.cdn-net.com/s2?t=AbFmcimSnXmC7zsl2qj0Z5p9&x=1&sid=e27737f5fb243f07&tid=52bb5c9f-6041-4518-b8f8-ac883e05d077
IP 54.230.111.83:0
File type HTML document, ASCII text, with no line terminators
Hash 0daeb37aec35be3de0dad59185719fd6
4ecb6d4b7a87c030851790476bfb81432051bf0a
3615e30dc95a3e48c66d53a77deb9894e94ddcb79c8759b5faa9625411076551
POST /s2?t=AbFmcimSnXmC7zsl2qj0Z5p9&x=1&sid=e27737f5fb243f07&tid=52bb5c9f-6041-4518-b8f8-ac883e05d077 HTTP/1.1
Host: www.cdn-net.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------175342699437921629984229013969
Content-Length: 24335
Origin: https://identity.ofx.com
Connection: keep-alive
Referer: https://identity.ofx.com/
Cookie: _cc-x=YjBhMWIyNWItZTVkMC00YjViLWE1YTktYTRiMWE4OWZiYjkwOjE2NzU4MTMyNzU0NzQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Content-Type: text/html
Content-Length: 35
Connection: keep-alive
Server: openresty/1.11.2.3
Date: Tue, 07 Feb 2023 23:41:16 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
X-IA-Request-ID: 4890be13929adb7343b40c2c17301f50
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4bjT8R886vTzm7805DrTl5MKZiq3ZslgPJ_mzTBtBpPKKdTyCdb4Uw==
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: 87a47ecc-20d5-49f5-b0df-149764b8de70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58GkEyVIAMF7rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a6f6-3ddaec37482a7a0a22899279;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Vzm5Icx0826Yup-nqN0aAdGJLl9Q7urlUjGLUHxUqRWB_qSb4tupXQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:26:33 GMT
age: 58484
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d43a5c537419b193f5511da1195eac7a
c9aa3b7a305decf5b79e2f9f108ad1d0de18d3cf
6cdec3091b9fce48886dfb251dd5e5c7b8c2def90c30b894b802df8018602d1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5957
Cache-Control: max-age=145766
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:41:17 GMT
Etag: "63e260be-117"
Expires: Thu, 09 Feb 2023 16:10:43 GMT
Last-Modified: Tue, 07 Feb 2023 14:31:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
login.okta.com/lib/discoveryIframe-0981fb4600c1fc3b059a.min.js
54.230.111.25200 OK 0 B URL HTTP/1.1 login.okta.com/lib/discoveryIframe-0981fb4600c1fc3b059a.min.js
IP 54.230.111.25:0
GET /lib/discoveryIframe-0981fb4600c1fc3b059a.min.js HTTP/1.1
Host: login.okta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://login.okta.com/discovery/iframe.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 98175
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 16:48:05 GMT
Server: AmazonS3
Date: Tue, 07 Feb 2023 10:55:27 GMT
ETag: "5fd54037e63e9d87082dd6c45007c55a"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: abhsYUZ9u3Nwd9TBMMzAomwiv2i_gjZ6-koioyiIb9PmmHIyOOyULQ==
Age: 45951
login-resources.prd.aws.ofx.com/styles/site.min.css
54.230.111.27200 OK 0 B URL HTTP/2 login-resources.prd.aws.ofx.com/styles/site.min.css
IP 54.230.111.27:0
GET /styles/site.min.css HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 06 Feb 2023 02:59:29 GMT
server: AmazonS3
content-encoding: br
date: Tue, 07 Feb 2023 08:15:11 GMT
etag: W/"6a7d02ec7d1eb7df06abc18c41bb7636"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CxhJhiWKKthml6ZnvRVKwi94mlwrnTV4HK5SfpEVYY4NZuVTAMbxuQ==
age: 55561
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
expires: Tue, 14 Feb 2023 23:41:13 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
login-resources.prd.aws.ofx.com/styles/ofx-global-min.css
54.230.111.27200 OK 0 B URL HTTP/2 login-resources.prd.aws.ofx.com/styles/ofx-global-min.css
IP 54.230.111.27:0
GET /styles/ofx-global-min.css HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 06 Feb 2023 02:59:29 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 07 Feb 2023 23:41:12 GMT
etag: W/"a7991f350af9eff97b36d3b7a0063e0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dt2zlwVgOJsOi7IXi_y2JZgy8lgBL2q_YmAnrTvwhkTZYZefI3unyw==
age: 17910
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.30.0/assets/otCommonStyles.css
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.30.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/6.30.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://identity.ofx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:41:13 GMT
content-type: text/css
content-md5: Ye6OeZcNyuFoWog7CYs00A==
last-modified: Mon, 31 Jan 2022 17:10:54 GMT
x-ms-request-id: 1a370070-801e-006e-6717-2971cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795ff9a0cfb3fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
54.230.111.55200 OK 0 B URL HTTP/2 ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js
IP 54.230.111.55:0
GET /assets/js/sdk/okta-signin-widget/5.16.1/js/okta-sign-in.min.js HTTP/1.1
Host: ok11static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 20 Jan 2023 03:51:48 GMT
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
last-modified: Fri, 04 Feb 2022 07:19:34 GMT
etag: W/"3201febd49d61359da808444b6a8dd0e"
expires: Sat, 20 Jan 2024 03:51:48 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sHvsR58UJB7AEl2SFxq27AWpUeOktBzS10Hg96vFn09MCwYOJXHisw==
age: 1626563
X-Firefox-Spdy: h2
ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
54.230.111.55200 OK 0 B URL HTTP/2 ok11static.oktacdn.com/assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css
IP 54.230.111.55:0
GET /assets/js/sdk/okta-signin-widget/5.16.1/css/okta-sign-in.min.css HTTP/1.1
Host: ok11static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Wed, 18 Jan 2023 23:40:16 GMT
server: nginx
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
last-modified: Fri, 04 Feb 2022 07:19:25 GMT
etag: W/"32082203138e95c3496af212b9076cd4"
expires: Thu, 18 Jan 2024 23:40:16 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aye6WQ3Ej5_E1f-kXZLEnGozEWzOkU4EuKJ2GSWGqeP_X3vn5pxxzA==
age: 1728055
X-Firefox-Spdy: h2
login-resources.prd.aws.ofx.com/styles/bootstrap.min.css
54.230.111.27200 OK 0 B URL HTTP/2 login-resources.prd.aws.ofx.com/styles/bootstrap.min.css
IP 54.230.111.27:0
GET /styles/bootstrap.min.css HTTP/1.1
Host: login-resources.prd.aws.ofx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 02 Feb 2023 04:43:24 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 07 Feb 2023 23:41:12 GMT
etag: W/"b31ff848fa78bfb7feb52c7729d63165"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B9P1VlMiyRY2BlZw8oO4xgUXuqFpqiMxdTmgXdxPganNhuac-fxMYQ==
age: 13174
X-Firefox-Spdy: h2