Report - go.m1.advisortohr.com/track/click/SlC9x_G1z1KQGsQGnu0U7pxI4mg/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=d8eddFDts1ftFKifh8c3lA

Report Overview

Submitted URL
go.m1.advisortohr.com/track/click/SlC9x_G1z1KQGsQGnu0U7pxI4mg/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=d8eddFDts1ftFKifh8c3lA
IP
96.44.175.236
ASN
#8100 ASN-QUADRANET-GLOBAL
Submitted
2023-03-23 04:09:54
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-26T11:13:51Z	3.4 kB	157 kB	216.58.207.227
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-26T13:08:42Z	682 B	1.6 kB	192.229.221.95
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-26T14:30:15Z	762 B	5.7 kB	104.16.122.175
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	52 kB	34.120.237.76
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-26T05:21:02Z	383 B	1.1 kB	104.16.87.20
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-26T05:09:18Z	782 B	2.4 kB	35.241.9.150
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T10:46:46Z	377 B	79 kB	142.250.74.168
clatid.io	unknown	2020-02-19T09:05:40Z	2023-03-25T11:53:48Z	663 B	811 B	104.21.56.4
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T12:48:47Z	1.7 kB	3.8 kB	142.250.74.74
cdn.quilljs.com	30496	2014-11-10T09:38:17Z	2023-03-25T20:32:00Z	379 B	568 B	216.24.57.253
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.162.11.178
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-26T05:09:01Z	367 B	29 kB	157.240.200.14
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	835 B	349 B	157.240.200.35
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-26T05:15:01Z	952 B	440 B	216.239.34.36
embed.tawk.to	8650	2014-03-19T22:03:49Z	2023-03-26T14:30:01Z	2.1 kB	44 kB	104.22.25.131
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
go.m1.advisortohr.com	unknown	2022-07-14T22:42:47Z	2023-03-25T19:08:01Z	547 B	703 B	96.44.175.236
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	3.1 kB	14 kB	142.250.74.163
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-26T05:09:13Z	2.4 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 04:09:51	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-03-23 04:09:51	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-03-23 04:09:52	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-03-23 04:09:52	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-696bc286.js	17 kB	2023-03-26	2023-03-29
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:37:15 Last Seen2023-03-29 21:11:55 Times Seen268 Hash 4b8a1068cc267d0da5bcdb8fee3e728c d6e02b29cf3b687c680d688a50c0808d7d044e7c 0ca60f9c200e1c2716a13eb9745c0a5bdb2a944870cef862c48f8e90765078f8 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-48f46bef.js	16 kB	2023-03-26	2023-03-29
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:37:16 Last Seen2023-03-29 21:10:27 Times Seen263 Hash 35bf2a07113d845242557c39212c98f8 3b9fd7f9c340a36e310656870ae9602ad14c248b 2486a6ffa103f97c15d49f439b06ff30f54a8c29b3ab5047870d6b8e9026f8da Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	161 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 104.21.56.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash e6a962ba8067999f575b9cd4ecdbe69a 2505272224e7a954eac72aa64cfdc8feb1d8fadb a58c7ea33eade156c7dbaab987f870cb1c22fe2d0590711f85f35555e2c85ceb Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	392 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 104.21.56.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash 0c038e946467b187f4d6dad3dbead365 47046fd17c1bb6bebd4684881a337e9f106a4612 6737c6183f6a9ef72fb66616290f95e5678116f6eb2f93180e5a66ff3da141ea Loading...

	connect.facebook.net/signals/config/176102314131786?v=2.9.99&r=stable	386 kB	2023-03-13	2023-04-20
Pretty URL connect.facebook.net/signals/config/176102314131786?v=2.9.99&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:57:07 Last Seen2023-04-20 22:18:33 Times Seen40 Hash d4e335edbb5f437adb8985cd2acab0b1 0e299bb766588f88973d0ff0bd4c8c8dceaed967 ec3845448b0f50a7688cccf4fc96babab936d6778223e911fb6eb46220ff5735 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-vendors.js	211 kB	2023-03-25	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:39:38 Last Seen2023-12-01 20:53:29 Times Seen8603 Hash 27a109773b0fdd12c9737166eb5719c2 8977473ceb692a49bac7a9a3c010d82c48857995 abd9f756ab6f8d858e73f4b8d8194ed99333d58fcadafbb50cac353fbaf9a03f Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-app.js	151 B	2023-03-07	2024-04-19
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-19 15:08:18 Times Seen46582 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	clatid.io/assets/js/aos.js	14 kB	2023-03-07	2024-04-18
Pretty URL clatid.io/assets/js/aos.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:30 Last Seen2024-04-18 14:50:14 Times Seen1698 Hash aa20b6e0418d20fb86b071e670b2b207 e38950c1bce65e9f048e305b3567ff90a0c923e3 dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d Loading...

	clatid.io/assets/js/main.js	11 kB	2023-03-09	2024-01-04
Pretty URL clatid.io/assets/js/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen403 Hash 8b09d9f02d2926ed8124110cb08c5602 63557c1f01737423bac1621b33f5f68aadc14294 fc4f3003926309a56f5fcbd0d7c941027493e4e77af12678b17b7c30afecab50 Loading...

	clatid.io/assets/js/tabs.js	775 B	2023-03-09	2024-02-16
Pretty URL clatid.io/assets/js/tabs.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-02-16 16:11:33 Times Seen464 Hash 1c8c8adce8b55bf5871417329e1d2b4e b5744f28ad9dd7eb777839f17e7b6a2efa92a21a 5f4c084ac3822d17ec093138525213aa4d277d323d8cc5ca99e28c5c837660ab Loading...

	www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V	223 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:40:23 Last Seen2023-03-26 14:40:23 Times Seen1 Hash 53d6887948d89c64e581a7fead0ddc19 2cbe819f3493cc87d66380505ad686423dc6f42d 64fae38afb0cba3444407620638dd693fa2eb826fb0e41f880c1f0b83cf65d42 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	130 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 104.21.56.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash c904369157c015caace09da9af84a1a1 59e62d9eac963de202d4d83be7369ef3d8a4cb69 ab24d7c5c8f133c94f7e6cfd5cfaccb5638846d7155da92f59ae05fd8c9258e7 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	444 B	2023-03-09	2024-01-04
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 104.21.56.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-01-04 18:27:04 Times Seen213 Hash 01258ae5f79f5dcce31f69917dfed7dd 0205e6e39442e9e5b16e78d1de06b6cfb6c0181f f81b1372d9c184fb58e80b5f453667a309324c22ede4b1be3062ef25194cb0ea Loading...

	clatid.io/assets/js/mobile-menu.js	1.1 kB	2023-03-09	2024-02-16
Pretty URL clatid.io/assets/js/mobile-menu.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:09:59 Last Seen2024-02-16 16:11:33 Times Seen466 Hash 7eb35ff41b520abef4530583d069b6a5 5af68dbb2e4ff0f8f6b348bc40f6ffdd37dab6ef de51ff4cdc7495a1ab3e915ee3e8729995dec77a3af03aa9f7dcf72f33ba4c12 Loading...

	embed.tawk.to/5fb6212e920fc91564c878d5/default	2.1 kB	2023-03-26	2023-03-26
Pretty URL embed.tawk.to/5fb6212e920fc91564c878d5/default IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:16:32 Last Seen2023-03-26 14:40:24 Times Seen5 Hash fc60453a9f6734ce5398fe694e87ac16 28fcdcc4bf99718b664bb532e13f4f3325761edd 0371960767fa65dd26dec8f852640dd9eceac84715302d097102eb2e53f959c1 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-main.js	121 B	2023-03-07	2024-04-19
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-19 15:08:19 Times Seen45898 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-runtime.js	2.3 kB	2023-03-26	2023-03-29
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-runtime.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:37:15 Last Seen2023-03-29 21:11:56 Times Seen306 Hash 1c6eb263727e4e9201f8b1de00d72eb1 ef367f58d303837ac38b86f26b0e7ad038025bf2 e3c7ee3cd49a0c38e55621085181b3d8aa2504aa3b1ec5343112c1c36db5e4e2 Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-26	2023-03-29
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:49:43 Last Seen2023-03-29 21:45:24 Times Seen2372 Hash b3d7d1fd0029796048820b8f515d1d4f 242f2ec5485fb5048e53a87fd37b2e6eafb664b6 0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-32507910.js	74 kB	2023-03-26	2023-03-29
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:37:15 Last Seen2023-03-29 21:11:55 Times Seen257 Hash 3f0102d3a92644cf9e2e2437a1344c65 4a1614f514444898244484b4611ada958d750592 fc65c4297889a2bc5dd6f0e12b5922b8be4e9e85f73a87a84d61eae09f56fa3d Loading...

	clatid.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-20
Pretty URL clatid.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 04:00:01 Times Seen54573 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	900 B	2023-03-12	2023-03-26
Pretty URL clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 104.21.56.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:29:36 Last Seen2023-03-26 14:40:24 Times Seen2 Hash de80a5a1c6270ab457fee75ad5584638 135f2759586faac7586f2348e746de3608799221 477e66968bfe02bf8577bd4a96462173e06cd3ab06320f3adbc9d95b371aa067 Loading...

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-common.js	197 kB	2023-03-26	2023-03-29
Pretty URL embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:37:15 Last Seen2023-03-29 21:11:55 Times Seen293 Hash 46a0e02a4565e239dc27dd03b88074ee 4fb7593a34d4150d03fc15af3b242e297b0ffa97 344609be4cc7450398cf9c15313f54fabc5f0a9f14fa5881b48205c19519be97 Loading...

HTTP Transactions (55)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 210a2a42cfc4f4aced144f5de9babcc6 ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db 59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12365 Expires: Thu, 23 Mar 2023 07:35:48 GMT Date: Thu, 23 Mar 2023 04:09:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2704 Expires: Thu, 23 Mar 2023 04:54:47 GMT Date: Thu, 23 Mar 2023 04:09:43 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 03:27:30 GMT content-type: application/json age: 2533 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 51a5d4696a6090c295850554508b51ce c44e143c2223546e64b19f543b8101aaf3b11e97 8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15210 Expires: Thu, 23 Mar 2023 08:23:13 GMT Date: Thu, 23 Mar 2023 04:09:43 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: dc60VbxEpSZe/QfuDGmgS6WJEW0OQDaKwl3vDQ4dSsxKPsbPC0zB0u3fUsL+SbEpFd8hXESWRTk= x-amz-request-id: G613PM0MFQFGDHC4 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 03:53:54 GMT age: 949 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	go.m1.advisortohr.com/track/click/SlC9x_G1z1KQGsQGnu0U7pxI4mg/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=d8eddFDts1ftFKifh8c3lA	96.44.175.236	302 Found	285 B
URL HTTP/1.1 go.m1.advisortohr.com/track/click/SlC9x_G1z1KQGsQGnu0U7pxI4mg/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=d8eddFDts1ftFKifh8c3lA IP 96.44.175.236:0 ASN #8100 ASN-QUADRANET-GLOBAL File type HTML document, ASCII text Size 285 B (285 bytes) Hash 3ee7590b129640d9aee0a84874138446 2877bec6400b7215a4a28364b3abff71c5639eb9 e4b97254673d15cafa70c9dae1b75363f17345c265310bdfec0cfe45112415f8 HTTP Headers GET /track/click/SlC9x_G1z1KQGsQGnu0U7pxI4mg/1/aHR0cHM6Ly9jbGF0aWQuaW8vd2ViaW5hci9pcnMtcmVsZWFzZXMtbmV3LTIwMjMtZm9ybXMtdy00LXctNHItYW5kLXB1YmxpY2F0aW9ucy0xNS1hbXAtMTUtdA==/?md5=d8eddFDts1ftFKifh8c3lA HTTP/1.1 Host: go.m1.advisortohr.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 `HTTP/1.1 302 Found Server: nginx/1.18.0 Date: Thu, 23 Mar 2023 04:09:43 GMT Content-Type: text/html; charset=utf-8 Content-Length: 285 Connection: keep-alive location: https://clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 23 Mar 2023 04:09:43 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 03:14:33 GMT age: 3311 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	850 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 850 B (850 bytes) Hash 558869a1d21e2091ee015e0a59e17b0f ecdf15510e2a1ba380403487344e4f29bc480b9a d38f26610cbd79c37e7c1bf233ea13bed46df3171e0f48cc38970ef9f30f79e9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 18b877ebbad1529e4bd91e12220d91c4 a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc 7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3317 Expires: Thu, 23 Mar 2023 05:05:01 GMT Date: Thu, 23 Mar 2023 04:09:44 GMT Connection: keep-alive`

	www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V	142.250.74.168	200 OK	78 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-FG42PV0X3V IP 142.250.74.168:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19390) Size 78 kB (78164 bytes) Hash 87240e84ddc4199b4d3dbc91cf79a10c 49f2216f6c91422970b9b9310676c7c56e55cb71 3315340c1cefb70b27d473c065404e2fe0860916c15ea1b730ed39c0c480f7bc HTTP Headers `GET /gtag/js?id=G-FG42PV0X3V HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 23 Mar 2023 04:09:44 GMT expires: Thu, 23 Mar 2023 04:09:44 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 78164 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	5.2 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 5.2 kB (5217 bytes) Hash 4b5d53071514d094f8d8ae47173b5859 efdaa2ab1122d90b92afb4fccdef29687e6c89fd c46f09761b2049ba756931200001ba8adebe91f11cd8b228d66ae33488ada75b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 342da587101df62e3e8f03dc4a87f93d 897c40f31b24adf281b804bbca7f0ffba5b86816 f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	791 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 791 B (791 bytes) Hash 6641b0b5ae7dcfc849bbf1c2c114a1a1 102cf07df6bc4a806ba8085bfba548feb38e99d5 ebc9410210570498e83ccd7148140e6820fd149aa453fd1c6f0376a96664f478 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	2.7 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 2.7 kB (2710 bytes) Hash aafa1729c1d4164add4604f033e3bd68 ed63328c387520c6742d177bec5e3f317574b256 5aa592d956ee18292c9c3df6cd02f7138615059e1c8022d81d83ef2053bbf600 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 23c054d3aee551b6fdc42a5a472a7040 b1a46c12ac7d65c979fd1998bdb243f3dba8f956 9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 342da587101df62e3e8f03dc4a87f93d 897c40f31b24adf281b804bbca7f0ffba5b86816 f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css2?family=Rubik:wght@400;500;700;900&family=Ubuntu:wght@400;500;700&display=swap	142.250.74.74	200 OK	1.2 kB
URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700;900&family=Ubuntu:wght@400;500;700&display=swap IP 142.250.74.74:0 ASN #15169 GOOGLE File type data Size 1.2 kB (1238 bytes) Hash fca8f3a5cbf753c6144a99143c2f8255 f8ff5fc903832f6cf33ccc9df831f6447aa1dab1 1d4e645dc9d36c539f93e4de067a13aac60538c6ca91f8d099416b4917e65394 HTTP Headers `GET /css2?family=Rubik:wght@400;500;700;900&family=Ubuntu:wght@400;500;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 23 Mar 2023 04:09:44 GMT date: Thu, 23 Mar 2023 04:09:44 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 097d447e049e3b41f92a4695b1b0c3c7 f39c9ef8d22bee41d940bf719c75b2cfae9291d5 459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	35.162.11.178	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.162.11.178:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 88kLSyQkrElmd8pETN046g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: o27rTx8tbulygtiPgQ4hldotY20=`

	fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2	216.58.207.227	200 OK	7.9 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Size 7.9 kB (7884 bytes) Hash 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f HTTP Headers `GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7884 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:05:11 GMT expires: Thu, 21 Mar 2024 18:05:11 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 17:03:52 GMT content-type: font/woff2 age: 36273 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2	216.58.207.227	200 OK	34 kB
URL HTTP/2 fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 33868, version 1.0\012- data Size 34 kB (33868 bytes) Hash a55fefd02b25a2cb141efe2d17776d60 ba132269410be55bbd81032011d5904ceb33bc64 e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc HTTP Headers `GET /s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 33868 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 23:55:52 GMT expires: Thu, 21 Mar 2024 23:55:52 GMT cache-control: public, max-age=31536000 age: 15232 last-modified: Wed, 08 Mar 2023 21:37:56 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2	216.58.207.227	200 OK	7.8 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Size 7.8 kB (7816 bytes) Hash 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7816 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:05:11 GMT expires: Thu, 21 Mar 2024 18:05:11 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:11:40 GMT content-type: font/woff2 age: 36273 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2	216.58.207.227	200 OK	31 kB
URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size 31 kB (30928 bytes) Hash ac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 HTTP Headers `GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 22:29:05 GMT expires: Thu, 21 Mar 2024 22:29:05 GMT cache-control: public, max-age=31536000 last-modified: Mon, 11 Jul 2022 18:57:39 GMT content-type: font/woff2 age: 20439 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2	216.58.207.227	200 OK	32 kB
URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data Size 32 kB (31760 bytes) Hash fda4d0b623999af43148ba34c3b1ff73 ca5496af89720cc3e94e6279132f252b7cd471a6 33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38 HTTP Headers `GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 31760 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:05:11 GMT expires: Thu, 21 Mar 2024 18:05:11 GMT cache-control: public, max-age=31536000 last-modified: Mon, 11 Jul 2022 18:54:16 GMT content-type: font/woff2 age: 36273 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2	216.58.207.227	200 OK	8.0 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data Size 8.0 kB (8000 bytes) Hash 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 8000 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 13:08:02 GMT expires: Thu, 21 Mar 2024 13:08:02 GMT cache-control: public, max-age=31536000 age: 54102 last-modified: Wed, 27 Apr 2022 16:59:07 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2	216.58.207.227	200 OK	30 kB
URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data Size 30 kB (30480 bytes) Hash 0e7e5f9d3a8ef121149827180b790b5c 0e9f9333078e5df9245630ff6f68ba1d9da3c403 e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c HTTP Headers `GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://clatid.io Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30480 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 20 Mar 2023 13:48:03 GMT expires: Tue, 19 Mar 2024 13:48:03 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:04:03 GMT content-type: font/woff2 age: 224501 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 097d447e049e3b41f92a4695b1b0c3c7 f39c9ef8d22bee41d940bf719c75b2cfae9291d5 459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 6e965ba75b84abf96ca0d83da48d2fbb 4c2eb4c06cabee4d0f0606e88e9e074e2f767168 4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4747 Cache-Control: max-age=127334 Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:45 GMT Etag: "641b0ce4-1d7" Expires: Fri, 24 Mar 2023 15:31:59 GMT Last-Modified: Wed, 22 Mar 2023 14:12:52 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471`

	connect.facebook.net/en_US/fbevents.js	157.240.200.14	200 OK	28 kB
URL HTTP/2 connect.facebook.net/en_US/fbevents.js IP 157.240.200.14:0 ASN #32934 FACEBOOK File type ASCII text, with very long lines (64348) Size 28 kB (27907 bytes) Hash e5f5bf796d91f271e383cf1ff3ee5af4 70ead02da19095ca752d55e89a48fcdf59d44d33 247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a HTTP Headers `GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-security-policy: default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY origin-agent-cluster: ?0 strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: du32h7MHDbJ/eAmSX/6Z6u5WIb/0fsMBDE+pgkUKhHcjuO88vHe5PvYBqONwSSMgjdC2fNspxSzZeofFDyWPhA== content-length: 27907 x-fb-trip-id: 1679558926 date: Thu, 23 Mar 2023 04:09:45 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 6e965ba75b84abf96ca0d83da48d2fbb 4c2eb4c06cabee4d0f0606e88e9e074e2f767168 4b39bfe671df590e9c5baf75008d76f4272d8ffbafd7108e7592f8165b6806c6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4673 Cache-Control: max-age=127260 Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 04:09:45 GMT Etag: "641b0ce4-1d7" Expires: Fri, 24 Mar 2023 15:30:45 GMT Last-Modified: Wed, 22 Mar 2023 14:12:52 GMT Server: ECAcc (ska/F7A5) X-Cache: HIT Content-Length: 471`

	www.facebook.com/tr/?id=176102314131786&ev=PageView&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_campaign%3D432%26utm_content%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&rl=&if=false&ts=1679544592465&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679544592464.923191880&it=1679544592183&coo=false&rqm=GET	157.240.200.35	200 OK	0 B
URL HTTP/2 www.facebook.com/tr/?id=176102314131786&ev=PageView&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_campaign%3D432%26utm_content%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&rl=&if=false&ts=1679544592465&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679544592464.923191880&it=1679544592183&coo=false&rqm=GET IP 157.240.200.35:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tr/?id=176102314131786&ev=PageView&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_campaign%3D432%26utm_content%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&rl=&if=false&ts=1679544592465&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679544592464.923191880&it=1679544592183&coo=false&rqm=GET HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/plain access-control-allow-origin: access-control-allow-credentials: true strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-length: 0 server: proxygen-bolt alt-svc: h3=":443"; ma=86400 date: Thu, 23 Mar 2023 04:09:45 GMT X-Firefox-Spdy: h2`

	region1.google-analytics.com/g/collect?v=2&tid=G-FG42PV0X3V&gtm=45je33k0&_p=656874019&cid=1390125625.1679544592&ul=en-us&sr=1280x1024&_s=1&sid=1679544592&sct=1&seg=0&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_campaign%3D432%26utm_content%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&dt=IRS%20Releases%20New%202023%20Forms%20W-4%2C%20W-4R%20And%20Publications%2015%20%26%2015-T&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FG42PV0X3V&gtm=45je33k0&_p=656874019&cid=1390125625.1679544592&ul=en-us&sr=1280x1024&_s=1&sid=1679544592&sct=1&seg=0&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_campaign%3D432%26utm_content%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&dt=IRS%20Releases%20New%202023%20Forms%20W-4%2C%20W-4R%20And%20Publications%2015%20%26%2015-T&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-FG42PV0X3V&gtm=45je33k0&_p=656874019&cid=1390125625.1679544592&ul=en-us&sr=1280x1024&_s=1&sid=1679544592&sct=1&seg=0&dl=https%3A%2F%2Fclatid.io%2Fwebinar%2Firs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t%3Fslid%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_campaign%3D432%26utm_content%3DSlC9x_G1z1KQGsQGnu0U7pxI4mg%26utm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dcampaign-432&dt=IRS%20Releases%20New%202023%20Forms%20W-4%2C%20W-4R%20And%20Publications%2015%20%26%2015-T&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://clatid.io date: Thu, 23 Mar 2023 04:09:45 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-common.js	104.22.25.131	200 OK	41 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-common.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65466) Size 41 kB (41390 bytes) Hash 3025aee677e581ca1be0e34fc96fa183 901b9d55dd189529c34e43f2f9554ba27a7b2e76 fa4fbe33d61357d7ab447475ba2d6092f861b03ce54e82e83ea996a68d13ec27 HTTP Headers `GET /_s/v4/app/64191eaee7b/js/twk-chunk-common.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:45 GMT content-type: application/javascript last-modified: Tue, 21 Mar 2023 03:06:12 GMT etag: W/"46a0e02a4565e239dc27dd03b88074ee" age: 124428 access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: HIT vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d21bfea1b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6433 Expires: Thu, 23 Mar 2023 05:56:59 GMT Date: Thu, 23 Mar 2023 04:09:46 GMT Connection: keep-alive`

	unpkg.com/swiper@6.2.0/swiper-bundle.min.css	104.16.122.175	200 OK	4.5 kB
URL HTTP/2 unpkg.com/swiper@6.2.0/swiper-bundle.min.css IP 104.16.122.175:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (13425) Size 4.5 kB (4533 bytes) Hash 7eb45e801c365fbcc6e44e4490c8aa2c 81c00b5cf00079d6f0d0c357d75f0c7105f46bd1 4568f9036e26ee31cf6c4b15740752cc831142b71fc628e031d52ec82996c0ee HTTP Headers `GET /swiper@6.2.0/swiper-bundle.min.css HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:44 GMT content-type: text/css; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"3571-KdIeCc9LyEtELLuICwCrVgE4iKk" via: 1.1 fly.io fly-request-id: 01G0WJWY1H04DM2V5ET2SE8E2Q-fra cf-cache-status: HIT age: 29317820 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d2149c4eb4f3-OSL content-encoding: br X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6433 Expires: Thu, 23 Mar 2023 05:56:59 GMT Date: Thu, 23 Mar 2023 04:09:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6433 Expires: Thu, 23 Mar 2023 05:56:59 GMT Date: Thu, 23 Mar 2023 04:09:46 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg	34.120.237.76	200 OK	7.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.1 kB (7083 bytes) Hash 40d24dfcd9f0afe0e4077384f16cc494 76213c7d5c759471ed3823888860f918ac7e8f13 fbbbef0498ddf14bc9b204273a3cd416c357dceed20339c3e8c64a16b0be3caf HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea5d4e17-e42c-49fb-a54b-d7d97ad50ba4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7083 x-amzn-requestid: 52c38747-4a30-4831-87ca-7e72e5602ed0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CHY_gFu8IAMFh9g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64193b96-49c53b7c2e5ed4fc0217e357;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 05:07:34 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: XUrSSF8TgZSClR4MqJ0kuXGO-8KIguNmGe5lmVwzKXZO6CN0F9mimg== via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:51:03 GMT age: 22723 etag: "76213c7d5c759471ed3823888860f918ac7e8f13" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg	34.120.237.76	200 OK	6.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.0 kB (5950 bytes) Hash 800c2662fd6ab8829a02b7d63084c38d 0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239 76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5950 x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CKyF9EI3oAMFtyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA== via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 22:02:44 GMT age: 57605 etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: dd5a8417-ddd5-469d-aa84-e880f4b84464 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CHqKFGRsoAMFTGQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6419570d-3f28a7502b56eda47dd82ba7;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:45 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: JImqyag05jmvEwsJSvKFVuisuS5KNKfr7xRuN0YPyneNXvVxKkFMzg== via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 05:35:55 GMT age: 81231 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340c6dd8-fc2f-45fc-9318-44a28c249325.jpeg	34.120.237.76	200 OK	9.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340c6dd8-fc2f-45fc-9318-44a28c249325.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.7 kB (9687 bytes) Hash 6de676f6856031e5c1baebe9166a8269 d81a4852f956999fa28a5f667ed73506843d0731 71f282ba594e454a2abf1c3700ade4d9461d6d48ac2726f746f3da5a63e29c38 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340c6dd8-fc2f-45fc-9318-44a28c249325.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9687 x-amzn-requestid: b7c8cd8c-6103-4aa4-9016-f02cf368908d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8JGHyEoAMFzJw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73d3-2fb1fd1b5be3289047f8aed4;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:32:03 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: pwTgv5KbsBUYyFFmAaQkVuceVkWmy6S5-JrC5QptjI6eZYMu23hopg== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:47:44 GMT age: 22922 etag: "d81a4852f956999fa28a5f667ed73506843d0731" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffed036ca-a43b-426f-a0f3-fb8f2e221171.jpeg	34.120.237.76	200 OK	6.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffed036ca-a43b-426f-a0f3-fb8f2e221171.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.4 kB (6430 bytes) Hash 27bd1bd539c3711ff340f243098cab93 4860b7e75775fe187a9253a4d38222e36552f529 34278c150d0686e999228226d0d92e3e7ed1116978ab94fd21b3047c44a69972 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffed036ca-a43b-426f-a0f3-fb8f2e221171.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6430 x-amzn-requestid: abbe5dc0-5218-46ef-b264-30aa5d0a87b3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BzanbGRCIAMF96g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64113e2f-3c198b4a31aaa8f263ec8db5;Sampled=0 x-amzn-remapped-date: Wed, 15 Mar 2023 03:40:31 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: eETIf_ygzcHX6nt_w_o0UXc5Myk3aCUzDfWf4LhwILPkeAWkd4yctA== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 13:48:21 GMT age: 51685 etag: "4860b7e75775fe187a9253a4d38222e36552f529" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae396653-384e-48e4-9824-4bf9d53f211b.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae396653-384e-48e4-9824-4bf9d53f211b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10959 bytes) Hash 90be67fd11de3a169f4de942f6418f3f 55bd99cc5490b60e7a653ffa5f2a8c288ef66e87 b07e34257bbaa41c941650a839adad82d4999d92ee62402dbec969d9464c89b0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae396653-384e-48e4-9824-4bf9d53f211b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10959 x-amzn-requestid: a7e3f891-6f0e-48af-9a37-3cb8f9cae223 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B9xD8G-pIAMFagQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64156218-3334d770691739b77f855b0b;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 07:02:48 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: RmTQewe6KB0ictxZUj2umye1wlB6l5FkLEoXfGsR2adHPRU9KyXxWQ== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 03:55:26 GMT age: 860 etag: "55bd99cc5490b60e7a653ffa5f2a8c288ef66e87" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,600,700	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,500,600,700 IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Montserrat:300,300i,400,400i,500,600,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 23 Mar 2023 04:09:44 GMT date: Thu, 23 Mar 2023 04:09:44 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Poppins:300,400,500,600,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 23 Mar 2023 04:09:44 GMT date: Thu, 23 Mar 2023 04:09:44 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-main.js	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-main.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/64191eaee7b/js/twk-main.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:45 GMT content-type: application/javascript last-modified: Tue, 21 Mar 2023 03:06:13 GMT etag: W/"da5bb1dc647470204df0e49f5afac2de" age: 124428 access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: HIT vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d21bde91b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-vendor.js	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-vendor.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/64191eaee7b/js/twk-vendor.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:45 GMT content-type: application/javascript last-modified: Tue, 21 Mar 2023 03:06:12 GMT etag: W/"7dcb496e4882926f93f2e73fa87062c0" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: HIT age: 124428 vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d21bde93b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-vendors.js	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/64191eaee7b/js/twk-chunk-vendors.js IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/64191eaee7b/js/twk-chunk-vendors.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:45 GMT content-type: application/javascript last-modified: Tue, 21 Mar 2023 03:06:13 GMT etag: W/"27a109773b0fdd12c9737166eb5719c2" age: 124428 access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: HIT vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d21bfe9eb4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	unpkg.com/aos@2.3.1/dist/aos.css	104.16.122.175	200 OK	0 B
URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.css IP 104.16.122.175:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /aos@2.3.1/dist/aos.css HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:44 GMT content-type: text/css; charset=utf-8 access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Thu, 17 May 2018 22:11:13 GMT etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA" via: 1.1 fly.io fly-request-id: 01G754J040XBCARD93ACQA76A4-fra cf-cache-status: HIT age: 22588257 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d2149c4bb4f3-OSL content-encoding: br X-Firefox-Spdy: h2

	embed.tawk.to/5fb6212e920fc91564c878d5/default	104.22.25.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/5fb6212e920fc91564c878d5/default IP 104.22.25.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /5fb6212e920fc91564c878d5/default HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://clatid.io Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:45 GMT content-type: application/x-javascript access-control-allow-origin: * cache-control: public, max-age=7200, s-maxage=3600 etag: W/"stable-v4-64191eaee7b" vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: REVALIDATED x-content-type-options: nosniff server: cloudflare cf-ray: 7ac3d2175c07b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Josefin+Sans:300,300i,400,400i,600,600i,700,700i	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Josefin+Sans:300,300i,400,400i,600,600i,700,700i IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Josefin+Sans:300,300i,400,400i,600,600i,700,700i HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 23 Mar 2023 04:09:44 GMT date: Thu, 23 Mar 2023 04:09:44 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.quilljs.com/1.3.6/quill.snow.css	216.24.57.253	200 OK	0 B
URL HTTP/2 cdn.quilljs.com/1.3.6/quill.snow.css IP 216.24.57.253:0 ASN #397273 RENDER File type Size 0 B (0 bytes) Hash HTTP Headers `GET /1.3.6/quill.snow.css HTTP/1.1 Host: cdn.quilljs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:44 GMT content-type: text/css; charset=utf-8 cf-ray: 7ac3d214bba3b503-OSL access-control-allow-origin: * cache-control: public, max-age=604800 etag: W/"9b536bda67650c506df72197baec4c01" last-modified: Tue, 16 Mar 2021 22:22:46 UTC vary: Accept-Encoding cf-cache-status: DYNAMIC cache-tag: srv-c18iup3jbvmedckps0k0 cloudflare-cdn-cache-control: public, max-age=300 x-content-type-options: nosniff server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js	104.16.87.20	200 OK	0 B
URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js IP 104.16.87.20:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://clatid.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:46 GMT content-type: application/javascript; charset=utf-8 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" x-served-by: cache-fra-eddf8230136-FRA, cache-yyz4541-YYZ x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status: HIT age: 2489764 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDPiXctGG44c3Q07KR%2F5OmX9aanniMaIUW3mt8jnT5JyHGv4WH80XyuXRbUp%2Fv%2FRaJpp%2FfCD50n6keQi2UI9FfLv77LWD3Kbqy%2F9nxbYtFQAA9q1%2BHoe9FdiND7udOQQFec%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7ac3d22238f2b50c-OSL content-encoding: br X-Firefox-Spdy: h2

	clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432	104.21.56.4	200 OK	0 B
URL HTTP/2 clatid.io/webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 IP 104.21.56.4:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /webinar/irs-releases-new-2023-forms-w-4-w-4r-and-publications-15-amp-15-t?slid=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_campaign=432&utm_content=SlC9x_G1z1KQGsQGnu0U7pxI4mg&utm_medium=email&utm_source=newsletter&utm_term=campaign-432 HTTP/1.1 Host: clatid.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Thu, 23 Mar 2023 04:09:44 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.4.26 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=h5g7rlmr9n4at55ms5p543non8; path=/ vary: Accept-Encoding,User-Agent cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWHbxRCas%2F2Ol5RuJ3DO0FzAjjnRqAOv5VQEy7iO8OjtYZqaVhH8mPm%2BRFML5X%2FqlKnUQf7ruaJlMBq08cq0tjWtcmnSzq4SGSSf51ghW9%2FRJ41FJMQAaWRNnkI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7ac3d213084bb512-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML