www.malimora.com/fashion/?fashion=https://lkbx.me/rN0N&uid=wuabq6a67nnk6erl2s72o8fc
188.114.96.1200 OK 175 B URL HTTP/1.1 www.malimora.com/fashion/?fashion=https://lkbx.me/rN0N&uid=wuabq6a67nnk6erl2s72o8fc
IP 188.114.96.1:0
File type HTML document, ASCII text, with no line terminators
Hash 8b3ab03f53d4d0b0cc89706803f3c687
42bc7f71187641b1fe7cd51bc9094c325bdbe67c
e7651401d21eea9a62e12f491d87e781de78ebf700a74b0f8d1b4663cdf5658f
GET /fashion/?fashion=https://lkbx.me/rN0N&uid=wuabq6a67nnk6erl2s72o8fc HTTP/1.1
Host: www.malimora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 06:59:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpT0SLAEfZKGNHIpcc5zrKlbCY586KrEmMSy2NsZxThXYWro%2B77hTL%2BGB6WyaFHMUirOkSc2T4VZwVzPOHPf2QQo5GtvNFcM1vNtG%2FiFc7RbpZwEK8u44NoMRGFdOmjXspuA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 788402d459c2b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7317
Expires: Thu, 12 Jan 2023 09:01:40 GMT
Date: Thu, 12 Jan 2023 06:59:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4826412809ac0196f13ac1ef44e357e5
793c81d2f90cfaa245dc89fc7a6090cbee846b26
11be07342f3aa4e059ddc3149337895d55bc71e30ad045dc72e4cca4be4c6951
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11BE07342F3AA4E059DDC3149337895D55BC71E30AD045DC72E4CCA4BE4C6951"
Last-Modified: Wed, 11 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19126
Expires: Thu, 12 Jan 2023 12:18:29 GMT
Date: Thu, 12 Jan 2023 06:59:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 06:41:50 GMT
content-type: application/json
age: 1073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19341
Expires: Thu, 12 Jan 2023 12:22:04 GMT
Date: Thu, 12 Jan 2023 06:59:43 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 06:59:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: H8FZdgOo2K44DtHsAap39BlxBYRnMMZXnyz8cJgySPD3Q51RryOPc6kmwIfwq25wVLSsN2MjrWU=
x-amz-request-id: B8Q9QYFQA0BHBE2X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 06:02:23 GMT
age: 3440
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.malimora.com/fashion/?fashion=https://lkbx.me/rN0N&uid=wuabq6a67nnk6erl2s72o8fc&tg_s=mr1&tg_rid=63bfafdf70894371277466
188.114.96.1302 Found 0 B URL HTTP/1.1 www.malimora.com/fashion/?fashion=https://lkbx.me/rN0N&uid=wuabq6a67nnk6erl2s72o8fc&tg_s=mr1&tg_rid=63bfafdf70894371277466
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fashion/?fashion=https://lkbx.me/rN0N&uid=wuabq6a67nnk6erl2s72o8fc&tg_s=mr1&tg_rid=63bfafdf70894371277466 HTTP/1.1
Host: www.malimora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 12 Jan 2023 06:59:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Location: https://lkbx.me/rN0N?uid=wuabq6a67nnk6erl2s72o8fc
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEPoan8tG1TXxoQGgm9l%2FJXiPT2RaCIP5mVZInaugc9iMCztnAjR0WH31FyJKJ4580tiViVPk3%2F%2Bfmbr3weGIEvOFYNzFA4ufB%2B9M5Y%2BFjbkfU2S0unNSupzu2WCqOVtba1Z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 788402d67c9bb50f-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 06:17:24 GMT
age: 2540
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2131
Cache-Control: max-age=96157
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:44 GMT
Etag: "63be7c2a-1d7"
Expires: Fri, 13 Jan 2023 09:42:21 GMT
Last-Modified: Wed, 11 Jan 2023 09:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ed896b9484a711069e088081ea4bbbd4
53617dfa894f3ba85411b28bde3cb128ec6253d9
57fd9e7f9db0b3df6aaab35957616dd373a0f55c61946a850fc2606ba72b20aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:44 GMT
Etag: "63bdb47c-1d7"
Server: ECS (amb/6B76)
Content-Length: 471
push.services.mozilla.com/
35.166.82.242101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.82.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2YOW3ROgDV7vdTCbOZjZ0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6wVYpCalrnoWUxLhCo94j+eP1lU=
www.awin1.com/cread.php?pref1=netcraftdigital.com%2F&awinmid=20923&awinaffid=685769&clickref=lb_fzzdex&p=https%3A%2F%2Fwww.xero.com%2Fuk%2F
2.21.192.211302 Moved Temporarily 0 B URL HTTP/1.1 www.awin1.com/cread.php?pref1=netcraftdigital.com%2F&awinmid=20923&awinaffid=685769&clickref=lb_fzzdex&p=https%3A%2F%2Fwww.xero.com%2Fuk%2F
IP 2.21.192.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cread.php?pref1=netcraftdigital.com%2F&awinmid=20923&awinaffid=685769&clickref=lb_fzzdex&p=https%3A%2F%2Fwww.xero.com%2Fuk%2F HTTP/1.1
Host: www.awin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lkbx.me/
Cookie: bId=HLEX_628f00ae0f3690.47151114
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Thu, 12 Jan 2023 06:59:44 GMT
Connection: keep-alive
Set-Cookie: aw20923=685769|0|0|1673506784|lb_fzzdex|aw|0;domain=.awin1.com;path=/;expires=Saturday, 11-Feb-2023 06:59:44 UTC;Secure;SameSite=None
bId=HLEX_628f00ae0f3690.47151114;domain=.awin1.com;path=/;expires=Friday, 12-Jan-2024 06:59:44 UTC;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 06:59:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 06:59:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Thu, 12 Jan 2023 07:58:54 GMT
Date: Thu, 12 Jan 2023 06:59:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5be19dbab0e6de72252ad1d0a918d14
dcaad5032b156502921ee6dd453ad9d6b94eceb7
cc359e0142be054d7fc5af545b0368e44a3f8f257aa8306cac903cc3ff7a3f64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7572
x-amzn-requestid: e59fc954-0f07-43fd-bc9e-be0a6dbe0055
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPMAHpSIAMFc4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2be6-23038d0606616ad81dbd2de5;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2UG8x2jCqfne8ZL7KyAvZf9eR33ye8BYSIevjQmu3c_Y_a19f3sgA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:51:55 GMT
age: 32870
etag: "dcaad5032b156502921ee6dd453ad9d6b94eceb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67c69ca-9ec6-4bbe-a3f5-c93dbd41ee8a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67c69ca-9ec6-4bbe-a3f5-c93dbd41ee8a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfaede0ec5c1894fa3d84aa518808a3b
aa818e5d8f177ac9b0ca2b024ea4e0f4fec8addd
55bc21364fec1b7a804be3cc2e15b8dbac2a57db91fe205dabe4bbd07d406b71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67c69ca-9ec6-4bbe-a3f5-c93dbd41ee8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11106
x-amzn-requestid: 66b715d8-a0aa-4145-839d-6426dab9246e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emB6WFDhIAMFZCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf16a8-0e4208857ce369c152511b28;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 20:06:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TgrJkTOrN4fvxCVLoUPtd7e5fqqG58xFkY6kHD0AFoqdBzq19QadKA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 00:39:41 GMT
age: 22804
etag: "aa818e5d8f177ac9b0ca2b024ea4e0f4fec8addd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c49e1d8385d23251cbd4ac2574545982
f283baf033327519c05c725f2319b9465f29b1d6
dc91b181ea0e78ff27bbac3e80f3f937fe9f067ef417f02fe0095ef10fdcd1d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10382
x-amzn-requestid: a9fc1c50-7606-46cb-b49e-62e765d0c88f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPC9GLfIAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-3cbf968a6447542b6c931ac0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XCcge2Ruz-j01PJpHpnOuCiaH8OQYiQjh-IQaQ18e875_qfgqzXzGw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 32683
etag: "f283baf033327519c05c725f2319b9465f29b1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FC9xd9brDeAOtHjXnkpSO0IOX1rLjGRVkuBguuwJ2xFDTq0x9-QtaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 32683
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3827565b-0aea-4783-8036-edcf552d7427.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3827565b-0aea-4783-8036-edcf552d7427.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c6730c9fc73d829a0aa5583ea6cb28e
100e42d0224854635006b019a72cf68605e160f8
d29dee0111a6f8e75b0d0855fbfaaf72ff10417789154310729550ce74f06949
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3827565b-0aea-4783-8036-edcf552d7427.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8281
x-amzn-requestid: 9b572c46-926c-448d-a3ba-9b0eb18b31d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ-cETQIAMFfQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6c2-65bb767e6828f36b003713b6;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -sUnrh2FxnLkmbd6GyzVcO3gx2fEsoivq0udfND72o27LG1LwxzQGQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 04:18:16 GMT
age: 9689
etag: "100e42d0224854635006b019a72cf68605e160f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3573ee52-2f26-4d59-9c6b-3058a2df51d2.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3573ee52-2f26-4d59-9c6b-3058a2df51d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e14b05e7ffee91a3d54c4bf971fd19ca
90c6426313c98d437ca66e6ba674ba11e419a9d8
9c7bb1fc835615913bb99f2291759893331529d02577dd8f6d3c7357b9ee704f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3573ee52-2f26-4d59-9c6b-3058a2df51d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9652
x-amzn-requestid: bc619a58-6d22-4bfb-aced-5e7fd4572e20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPNlFmyoAMFVMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bf0-10dc7a496df5d3971fe29eae;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:36:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j4siXzGNe7eD-6IQZ1ewJIQJhGPusgnESKx0uV2R4xAJ1WBPYNfuFg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:54:10 GMT
age: 32735
etag: "90c6426313c98d437ca66e6ba674ba11e419a9d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xero.com/_sec/cp_challenge/sec-3-8.css
104.110.12.226200 OK 626 B URL HTTP/2 www.xero.com/_sec/cp_challenge/sec-3-8.css
IP 104.110.12.226:0
File type ASCII text, with very long lines (609)
Hash ec0bdfd1860e1725d0b3b228112c2d4b
0cf48801ca53236e2dc0754736a016808e017a85
8cc346ef6338f55f6f4e854bb96b59c327ad36d4100a75bca588aac83937e67c
GET /_sec/cp_challenge/sec-3-8.css HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 16:26:53 GMT
etag: "5414e8605a62a0edec16ecf55619530cfc0ecf4f42e239dfbac2725f17ca5dec"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
content-length: 626
cache-control: max-age=77490
expires: Fri, 13 Jan 2023 04:31:17 GMT
date: Thu, 12 Jan 2023 06:59:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef70063
X-Firefox-Spdy: h2
www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14
104.110.12.226200 OK 76 kB URL HTTP/2 www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14
IP 104.110.12.226:0
Hash 7f91879945519022eb46e87d31f60f94
651ce86d1ac656c4f6b4b786494d28655b11b78d
1db5c1279b9336fb78c0519c47d824fd7f2310c80ad668c0b853af06b7749716
GET /iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14 HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 18:21:47 GMT
etag: "e2e9f08a8a39054b0812211f94b53d1e260799a140be02525091e6bd0c34c27d"
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
expires: Wed, 08 Feb 2023 10:28:41 GMT
date: Thu, 12 Jan 2023 06:59:47 GMT
content-length: 75490
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef70062
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
set-cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; Domain=.xero.com; Path=/; Expires=Fri, 12 Jan 2024 06:59:47 GMT; Max-Age=31536000; Secure
bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472; Domain=.xero.com; Path=/; Expires=Thu, 12 Jan 2023 10:59:47 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js
104.110.12.226200 OK 3.7 kB URL HTTP/2 www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js
IP 104.110.12.226:0
File type ASCII text, with very long lines (10670), with no line terminators
Hash 138680c93898e06f4beba5d117803da6
ba3620b039cf9e0d983760ae17e784f7f3bf15ea
e1497b53e02dcbdac598ec2a6ec667d28cfe2837d00026e97433c27d0cb296d9
GET /_sec/cp_challenge/sec-cpt-3-8.js HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 16:26:56 GMT
etag: "f059fba7f6085cedb2c452ab600153ca152a9375ab403389af715807c55fe7a9"
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
cache-control: max-age=41693
expires: Thu, 12 Jan 2023 18:34:40 GMT
date: Thu, 12 Jan 2023 06:59:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef70064
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/campaign/active-campaigns/uk-healthy-business-hero-new.1646877481880.png
104.110.12.226200 OK 151 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/campaign/active-campaigns/uk-healthy-business-hero-new.1646877481880.png
IP 104.110.12.226:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 151 kB (151436 bytes)
Hash 6c041f11c8ef1a5bbb3886340fdb2a76
611f3e13276aba3d30718c66526825e2b5517f58
4424363f44b42d25f6a2f33d5ff618bf224f9eb07bc90a8e8ec1501f5a99fc2d
GET /content/dam/xero/pilot-images/campaign/active-campaigns/uk-healthy-business-hero-new.1646877481880.png HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "79a8b-5d9d38af21100"
last-modified: Wed, 05 Oct 2022 00:16:41 GMT
server: Akamai Image Manager
x-serial: 940
x-check-cacheable: YES
content-length: 151436
content-type: image/webp
cache-control: no-transform, max-age=31536000
expires: Fri, 12 Jan 2024 06:59:47 GMT
date: Thu, 12 Jan 2023 06:59:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=9
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef70065
X-Firefox-Spdy: h2
s.go-mpulse.net/boomerang/DXWKX-5MGMF-RCUC3-85Q7G-8PZ8A
23.38.200.138200 OK 50 kB URL HTTP/2 s.go-mpulse.net/boomerang/DXWKX-5MGMF-RCUC3-85Q7G-8PZ8A
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/DXWKX-5MGMF-RCUC3-85Q7G-8PZ8A HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Thu, 29 Dec 2022 05:32:00 GMT
timing-allow-origin: *
vary: Accept-Encoding
content-length: 50393
date: Thu, 12 Jan 2023 06:59:47 GMT
X-Firefox-Spdy: h2
www.xero.com/static/1670816147/national2-web-regular.woff2
104.110.12.226200 OK 35 kB URL HTTP/2 www.xero.com/static/1670816147/national2-web-regular.woff2
IP 104.110.12.226:0
File type Web Open Font Format (Version 2), TrueType, length 34825, version 0.0\012- data
Hash 3b08eff4e35f8664f766dc9a9ccb7c65
42de1e6782ee87514139960b03bbe6db664738b8
b84c1765ea7a66d0442154107093e94221c50e0dcedc66a37411e56256cf77ac
GET /static/1670816147/national2-web-regular.woff2 HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 3AVjL2NBcGRkZ7jHP7aI61dha9raPjLKkIQs/SQkTCUJ2FBunL0vd2A4etb5Oli+hElLWXl3/EI=
x-amz-request-id: TQXG0FWB55D6N5PJ
last-modified: Mon, 12 Dec 2022 04:04:10 GMT
etag: "3b08eff4e35f8664f766dc9a9ccb7c65"
accept-ranges: bytes
content-type: font/woff2
server: AmazonS3
content-length: 34825
cache-control: max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef70075
X-Firefox-Spdy: h2
www.xero.com/static/1670816147/national2-web-bold.woff2
104.110.12.226200 OK 38 kB URL HTTP/2 www.xero.com/static/1670816147/national2-web-bold.woff2
IP 104.110.12.226:0
File type Web Open Font Format (Version 2), TrueType, length 37657, version 0.0\012- data
Hash 92dd62b0e9f8dcdf994cd07cbe7b543d
7a7cb6dd9200f42ac3b199d23aa6f023e2392dc8
a4edd0473c8a5002953f7fa4c7ac3fce78dfa8f94432fd389194d8db3211c49c
GET /static/1670816147/national2-web-bold.woff2 HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: WhGYu8D3UQwAN4gg5tJmVpUOKw/Tj96LyU8YiQub9EcrUidd9xFBc+U1YpdejuNFtflh8eOrmf0=
x-amz-request-id: TQXGHBNXRWYRGH76
last-modified: Mon, 12 Dec 2022 04:04:10 GMT
etag: "92dd62b0e9f8dcdf994cd07cbe7b543d"
accept-ranges: bytes
content-type: font/woff2
server: AmazonS3
content-length: 37657
cache-control: max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef70076
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M5JB2B5
142.250.74.168200 OK 106 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M5JB2B5
IP 142.250.74.168:0
File type ASCII text, with very long lines (54141)
Size 106 kB (105858 bytes)
Hash d5da919f24a6f82858782d10ed273141
1e70dc2d8600a87fb94d57b26eb2401f78003c55
d7920b13f5867c7361706e7a159c591584b86d93b5e4c0bccd1fd9faac22b0f3
GET /gtm.js?id=GTM-M5JB2B5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jan 2023 06:59:48 GMT
expires: Thu, 12 Jan 2023 06:59:48 GMT
cache-control: private, max-age=900
last-modified: Thu, 12 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105858
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/features/pay-bills/Bills_thumb.1646877462710.jpg
104.110.12.226200 OK 14 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/features/pay-bills/Bills_thumb.1646877462710.jpg
IP 104.110.12.226:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1154x1154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c7dfcbfaab1b92a072c4c6318aca1ef7
f743ecf9ad2cd5d8ca3efcfb96a5de4fc5e84175
fb2b94e9ad0c138bb6d176a6d712342bfb6b085d7df7f26cbb5667c5f8064296
GET /content/dam/xero/pilot-images/features/pay-bills/Bills_thumb.1646877462710.jpg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "c6e09-5d9d389d02640"
last-modified: Thu, 17 Mar 2022 22:33:44 GMT
server: Akamai Image Manager
x-datastream-cache-status: 1
content-length: 13622
content-type: image/webp
cache-control: no-transform, max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=35
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef7007c
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/features/sales-tax/VAT-thumb.1646877485337.jpg
104.110.12.226200 OK 37 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/features/sales-tax/VAT-thumb.1646877485337.jpg
IP 104.110.12.226:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1154x1154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 97e226bdd006e2320d5e6c1f10a0e8c1
c79713fea60c3738062ee35c7e5de07e697e5769
c125a41e1613dd8be7abfbf52e8eda48ee90fa21ba44ee204641938c8c1daacc
GET /content/dam/xero/pilot-images/features/sales-tax/VAT-thumb.1646877485337.jpg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "ec22c-5d9d38ab50800"
last-modified: Tue, 22 Mar 2022 04:53:55 GMT
server: Akamai Image Manager
x-serial: 1582
x-check-cacheable: YES
x-datastream-cache-status: 1
content-length: 36738
content-type: image/webp
cache-control: no-transform, max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=25
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef7007e
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/features/expenses/Expenses_thumb.1646877463820.jpg
104.110.12.226200 OK 47 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/features/expenses/Expenses_thumb.1646877463820.jpg
IP 104.110.12.226:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1154x1154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 179f81795a9b4d434be2b29e5981741e
9e9d1110addf614b9ff6c103b09a21b93a76cbcb
e8d540289cee1665e9fe8bf691a7512758c047b905c51deb3ac9d4890d53e138
GET /content/dam/xero/pilot-images/features/expenses/Expenses_thumb.1646877463820.jpg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "2e23c-5ba4bb1272740"
last-modified: Mon, 04 Apr 2022 22:37:40 GMT
server: Akamai Image Manager
x-datastream-cache-status: 1
content-length: 46848
content-type: image/webp
cache-control: no-transform, max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=15
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef7007f
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/youtube-icon.svg
104.110.12.226200 OK 660 B URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/youtube-icon.svg
IP 104.110.12.226:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1265)
Hash 2ac9519bdbf1539962fd065a57846688
b98a30d1c554980db029ff14840b971d55fea198
27ec31049dba7e27bee40e806daf3ec9dd78f1f10cf5d4762a5e651d5bee996c
GET /content/dam/xero/pilot-images/admin/icons/social-media/youtube-icon.svg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="youtube-icon.svg"
content-encoding: gzip
content-type: image/svg+xml
etag: "56c-5d9d3906de000-gzip"
last-modified: Thu, 10 Mar 2022 01:59:28 GMT
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-dispatcher: dispatcher2uswest2
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 660
cache-control: max-age=2713
expires: Thu, 12 Jan 2023 07:45:01 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=128
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef70069
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/features/all-features/all-features-tile.1646877471195.jpg
104.110.12.226200 OK 26 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/features/all-features/all-features-tile.1646877471195.jpg
IP 104.110.12.226:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1154x1154, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 595c0975bfeefa5bc8f4942d64fea4a5
8909cff9bd7b1601176addd19fdbdd188a6b3fca
945f043a0c3a63e0a928654803b45555a3ac54708372a2b91cca6f820cad9e63
GET /content/dam/xero/pilot-images/features/all-features/all-features-tile.1646877471195.jpg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "da49b-5d9d38a1c7180"
last-modified: Mon, 30 May 2022 15:53:35 GMT
server: Akamai Image Manager
x-serial: 268
x-check-cacheable: YES
content-length: 26458
content-type: image/webp
cache-control: no-transform, max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=4
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef70080
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/instagram-icon.svg
104.110.12.226200 OK 418 B URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/instagram-icon.svg
IP 104.110.12.226:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (326)
Hash e8f4134a757d321fb8336c1cb79c9771
83e9c997aa9cb2796c7d73b3bc85efdb24e6c77c
21eac25e724ee5e78e29b452aafac7ec9a29f90d8d7d81ba010dac9dac2238c7
GET /content/dam/xero/pilot-images/admin/icons/social-media/instagram-icon.svg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="instagram-icon.svg"
content-encoding: gzip
content-type: image/svg+xml
etag: "35c-5d9d3906de000-gzip"
last-modified: Thu, 10 Mar 2022 01:59:28 GMT
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-dispatcher: dispatcher1uswest2
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 418
cache-control: max-age=1973
expires: Thu, 12 Jan 2023 07:32:41 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=119
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef7006c
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/twitter-icon.svg
104.110.12.226200 OK 609 B URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/twitter-icon.svg
IP 104.110.12.226:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1013)
Hash eebb63a5ca3a4347b977bbd2a715519e
558f992778c2747b1505731461bbdaa7abdb692c
7d9d4f2a0e6305ac8881378669e4a5033419eae8cd12c4321c65121295fa2af9
GET /content/dam/xero/pilot-images/admin/icons/social-media/twitter-icon.svg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="twitter-icon.svg"
content-encoding: gzip
content-type: image/svg+xml
etag: "470-5d9d390ba2b40-gzip"
last-modified: Thu, 10 Mar 2022 01:59:33 GMT
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-dispatcher: dispatcher2uswest2
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 609
cache-control: max-age=1845
expires: Thu, 12 Jan 2023 07:30:33 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=135
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef7006b
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/facebook-icon.svg
104.110.12.226200 OK 443 B URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/facebook-icon.svg
IP 104.110.12.226:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (654)
Hash 0a6426313ee66741fcdaca908aa28fb4
fbe789ed81568631b35e21e43a019a9a1229a942
4abe42afd9b4bd6b7d97dac8f0f5eb0a9a55b001c21805388718066a0fe0af94
GET /content/dam/xero/pilot-images/admin/icons/social-media/facebook-icon.svg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="facebook-icon.svg"
content-encoding: gzip
content-type: image/svg+xml
etag: "309-5d9d3906de000-gzip"
last-modified: Thu, 10 Mar 2022 01:59:28 GMT
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-dispatcher: dispatcher2uswest2
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 443
cache-control: max-age=2468
expires: Thu, 12 Jan 2023 07:40:56 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=106
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef7006e
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/linkedin-icon.svg
104.110.12.226200 OK 500 B URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/social-media/linkedin-icon.svg
IP 104.110.12.226:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (838)
Hash 53bd6adb3b628c3b492b6c5fe63b1a66
b2fab75ea42d685921556ac29ec745a3e4132e48
c55fafbfdddc6b23a51714391c8b56e3fe43e8a9edc57c0e8f713b4027f7161d
GET /content/dam/xero/pilot-images/admin/icons/social-media/linkedin-icon.svg HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="linkedin-icon.svg"
content-encoding: gzip
content-type: image/svg+xml
etag: "3c1-5d9d3906de000-gzip"
last-modified: Thu, 10 Mar 2022 01:59:28 GMT
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-dispatcher: dispatcher2uswest2
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 500
cache-control: max-age=786
expires: Thu, 12 Jan 2023 07:12:54 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=121
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef7006d
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.xero.com/content/dam/xero/pilot-images/admin/icons/favicon/apple-touch-icon-144x144-precomposed.png
104.110.12.226200 OK 2.2 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/favicon/apple-touch-icon-144x144-precomposed.png
IP 104.110.12.226:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 64e037163bb335568ce8326ba37a33ce
7034cda6d46e4fdc3490f1080142b2c34fbdf582
17c84a395d852644c68b1bcbc48fa03cc5e90b1b2721620d20032d9ef653a358
GET /content/dam/xero/pilot-images/admin/icons/favicon/apple-touch-icon-144x144-precomposed.png HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "18e2-5b6a3ce159a40"
last-modified: Wed, 13 Oct 2021 12:26:51 GMT
server: Akamai Image Manager
unused62: 8096267
x-datastream-cache-status: 1
content-length: 2156
content-type: image/webp
cache-control: private, no-transform, max-age=40063
expires: Thu, 12 Jan 2023 18:07:31 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=33
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef700c7
X-Firefox-Spdy: h2
www.xero.com/content/dam/xero/pilot-images/admin/icons/favicon/favicon.ico
104.110.12.226200 OK 3.2 kB URL HTTP/2 www.xero.com/content/dam/xero/pilot-images/admin/icons/favicon/favicon.ico
IP 104.110.12.226:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 9515c41c079581a7dcab8f52f304066d
00f64eb27b46027c61e6ced1b710cf2477fd25ef
b77801b29fcef16468d48fc5c5deb001f9acda4a56c2742749c43c09a98546cd
GET /content/dam/xero/pilot-images/admin/icons/favicon/favicon.ico HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/x-icon
etag: "3aee-5b6a3ce24dc80-gzip"
last-modified: Thu, 17 Dec 2020 07:18:58 GMT
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-dispatcher: dispatcher2uswest2
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 3224
cache-control: max-age=1288
expires: Thu, 12 Jan 2023 07:21:16 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=51
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506788.1ef700cb
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c66adf4d38cf3094064bef92dc1c84d0
82416715584c8508a8c5335020c494e847eb5fd3
f8aa40f0d3cda7b4c8fb0cc26a077927454893d757ae4104ad57e4fcf237c242
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.redditstatic.com/ads/pixel.js
151.101.65.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.65.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 12 Jan 2023 06:59:48 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bddf994fcc0df927e00912aea483147c
c1497bb31f8868d7da9ecf938d04be22ef603534
9e8f2a7245b8560144f40d992d5f73eb01b90b54a7f5c01e3950cacba47ea8b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Last-Modified: Thu, 12 Jan 2023 05:21:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 27e1fe3c6ad950bbc72311e6e9c70dfd
eab969749daf2f0c2e5e5093d415517aebfb5902
3c31fa5b5b55d5c0dbe1f63843dfe991bcc099244f0342a75abc46996f0f178a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6157
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Last-Modified: Thu, 12 Jan 2023 05:17:11 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 279
9401320.fls.doubleclick.net/activityi;src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5?
142.250.74.38200 OK 378 B URL HTTP/2 9401320.fls.doubleclick.net/activityi;src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (675), with no line terminators
Hash 54772f7b647a01d558fb3778b2c6af56
23b9cc8bd4266321e07ea04d12bcb6600115de26
1d641c2eef9e0495663466e90b8d3fc51ef8c87f2a2fcf63e9427f1c7b988965
GET /activityi;src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5? HTTP/1.1
Host: 9401320.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 378
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 12-Jan-2023 07:14:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c66adf4d38cf3094064bef92dc1c84d0
82416715584c8508a8c5335020c494e847eb5fd3
f8aa40f0d3cda7b4c8fb0cc26a077927454893d757ae4104ad57e4fcf237c242
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 19 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (56576)
Hash c211464472829a8d9a8bfa2e141a82cf
2d141eb3604798ff7b206d3e3a413b2719e77c1b
6f03463a21506ec1418dd654aeff7835864e06a97c9cc66bc25465fd08381419
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 06:59:48 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Fri, 13 Jan 2023 06:59:48 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31dece9b4f4b59b01e9decdb6f72e78
46fd775cceb0e76b4cb79df7fa9c374e16613475
cd8bdde64f60d006d9995620e6bbe66ab8f3b0c1ee155fcbd97bd9ab3098e4b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5137
Cache-Control: max-age=86948
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Etag: "63be4c78-1d7"
Expires: Fri, 13 Jan 2023 07:08:56 GMT
Last-Modified: Wed, 11 Jan 2023 05:43:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=2C4E2D052B286C6828FC3F922ADD6D41; domain=.bing.com; expires=Tue, 06-Feb-2024 06:59:48 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A031C3D7810413EA7847B97348F110D Ref B: OSL30EDGE0511 Ref C: 2023-01-12T06:59:48Z
date: Thu, 12 Jan 2023 06:59:48 GMT
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/up/pixie.js
151.101.65.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.65.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 12 Jan 2023 06:59:48 GMT
Age: 3508
X-Served-By: cache-lga21930-LGA, cache-bma1660-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20605, 507
X-Timer: S1673506789.967148,VS0,VE0
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3b4c0e800eb76badb34a8c28d52b085e
01dcf7432a95bcace9cff3bec53ef1a266cdb17f
59edd95dd80b7d697e4a0ad55e9ef84ada16b729e4ef8b92a9a505989e893b3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 12 Jan 2023 06:59:48 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: XKtcULdX+UiWonatxq9ZWd/N0/QO/Ah3qa+ua0Fejo6Y5dbsE3WeYi4S6kq8zPOEINFntqj2+ar7n2dnfu3C1A==
content-length: 27613
x-fb-trip-id: 1904183273
date: Thu, 12 Jan 2023 06:59:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 85ff946a6fdcac5ce6fc5ccacfdb2ab0
e7e1b4f574ac6f03c46833efa11b1b2c8e5e0c7d
6ad8f70cb3c6ede2ba4d2a47ce3baa9cb3b32b1da7b46d523546ef6a58d9be24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a16e9218cd839a04eac4e607b8322725
799036c0811294b0a32c959e944176e9917c4bcb
e998367d5c0ca58e0681dc2cbd41c0989cb133050274576425b20e2d282e1295
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6514
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:48 GMT
Etag: "63befabe-1d7"
Last-Modified: Thu, 12 Jan 2023 05:11:14 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&ct_cookie_present=1
142.250.74.34200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&ct_cookie_present=1
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&fmt=3&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 12-Jan-2023 07:14:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f31dece9b4f4b59b01e9decdb6f72e78
46fd775cceb0e76b4cb79df7fa9c374e16613475
cd8bdde64f60d006d9995620e6bbe66ab8f3b0c1ee155fcbd97bd9ab3098e4b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5138
Cache-Control: max-age=86948
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:49 GMT
Etag: "63be4c78-1d7"
Expires: Fri, 13 Jan 2023 07:08:57 GMT
Last-Modified: Wed, 11 Jan 2023 05:43:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-conversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.132302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.132:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1023673485/?random=1673506773632&cv=11&fst=1673506773632&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&label=v0RbCOHw2eECEI2JkOgD&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&ref=https%3A%2F%2Flkbx.me%2F&tiba=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&value=0&bttype=purchase&auid=802873212.1673506774&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3b4c0e800eb76badb34a8c28d52b085e
01dcf7432a95bcace9cff3bec53ef1a266cdb17f
59edd95dd80b7d697e4a0ad55e9ef84ada16b729e4ef8b92a9a505989e893b3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9ee9070e153bc0be89878860ca024177
a207ab2c4efdf959110cdbf0ca1e2a4ad41ca2a4
0bbd0335d60ede5782096cc8dc60293f60c24fc0c6285b33f2a9663615afc66d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 562769c5d097a9af02ef8a9e771b90c4
0f3a885f7800acf0bedc3709e5289eb34a83407f
bb650a08b3f21bb4a00aafea5b5644aff2e62f56ca0db766dbc19fe55f57b37c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 06:59:49 GMT
Last-Modified: Thu, 12 Jan 2023 06:30:10 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IospLt_nh8tHjheKjYrpPOlE2f1ABWWllPAnpwr50Q7by4mJte1trA==
Age: 1779
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
54.230.111.99200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 54.230.111.99:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 04:04:58 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cj2IWSqnvRb-RNWuKXz35mxdIuHjQPwumVgkrVrbwT1NolzPeSI6Vw==
age: 10491
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/events.js
44.209.218.223301 Moved Permanently 65 B URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 44.209.218.223:0
File type HTML document, ASCII text
Hash f80e89783ec551e69632712d99fd2224
a760361995b52b09f655a2bb469d7dd464619692
c052ddf9a69031b36e27713dfc2ca1d3494de9e0436c5bb35d17d92dac2c61bd
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Jan 2023 06:59:49 GMT
Location: https://qvdt3feo.com/events.js
Content-Length: 65
Connection: keep-alive
www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14
104.110.12.226201 Created 18 B URL HTTP/2 www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14
IP 104.110.12.226:0
File type JSON data\012- , ASCII text
Hash 78b25f4f8b72d4f5826b1d665a46de1d
2703ab1d8a2b3ff3c63a72c2ef50ff1b49ca45c8
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
POST /iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14 HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMTciLCJhcCI6IjEwMjMzODUxNjAiLCJpZCI6ImRiYjdlNGI4OTFmMmEzMzciLCJ0ciI6ImNmODdlMWVlZjJkZjYxMGUxNjA4YzA3NjI5Yjg1NzQwIiwidGkiOjE2NzM1MDY3NzMyNjEsInRrIjoiMjk5MDE4NyJ9fQ==
traceparent: 00-cf87e1eef2df610e1608c07629b85740-dbb7e4b891f2a337-01
tracestate: 2990187@nr=0-1-1962017-1023385160-dbb7e4b891f2a337----1673506773261
Content-Type: text/plain;charset=UTF-8
Content-Length: 2741
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~-1~YAAQr00kF2VqTBqFAQAAWRLHpAk+ZgfBmGWG4nr7D0m7ty5P3FcgWDIjpyPY8kHrqiz3jjEnuxvlG6vl0YZl6kZKAnQxGDt+FFn+xv9e/m2jk6ZtgtGY5sxASdKfE1ogS/W+IqH67KwOgfX1c1hN9XOABG3xIWTbMvR6KXKKhEP7xGDOWXX+IH6VZxvvwxFKPJqf2twq1pxW1TqOJG+D+yw6qTOVXxsNuPOBvObmipTODjHH035ymSW4B1+gS83npaA4BLgR8UhQFjoiXM8z5tKR5Ws6k56tlh/PnBBaF8wOFttyZpA6mEwmA37WnijpCzq0z/WVnXFxTtELXc7KLBBZb3c8gA7U8L77eCW8leVwdWdONfHQwQUXog==~-1~-1~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
x_req_id: 640e9a86-d079-48c9-b18f-804c1b85a478
date: Thu, 12 Jan 2023 06:59:49 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
server-timing: edge; dur=3, origin; dur=1162, cdn-cache; desc=MISS
access-control-allow-origin: https://www.xero.com, *
akamai-grn: 0.af4d2417.1673506788.1ef70092
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
set-cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~0~YAAQr00kF5FqTBqFAQAA3BfHpAnM/3sojsCESJjS8XNtqDEb5ED3BSQ4vjocexOKEJtQSiIxQcA6pVIy3wRGGVI8Pf7m3uC+hXi0XufnMNR/z3lZpNVfZZkdHWUmflStns/1Pt10tpG/GkGNXbI6XQQ2osrsq/VW7qE4qNAkdRs8KLBvLUJPGJWOWC7kSsnsyEtRcrlUU4wPStg87vtLRehno83FudM7rNvjan43POpYzsfClWgFTdsOn7OeAiJ3wMmjJm7mNIPN5TqzMOaHeKbgQHsMCmDdbcJYNNrZo8ja1FogP8DvQxMhUAiAmXe+19fZ3Guv9iw4se1SPJg7S+PDLVXOVut/f5z75JkoRonR+oT9DjAWrGs1OUgRO3qCErXVYkr5p29jpITkckBqjUJh1nG9y6A=~-1~||1-GZBEaXOFYa-1-10-1000-2||~-1; Domain=.xero.com; Path=/; Expires=Fri, 12 Jan 2024 06:59:49 GMT; Max-Age=31536000; Secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7d08acac201f2068d544f4eef111454f
f43ddf196d1ad5d9531081064fd69063281eecd3
a8b5eab1112465bfa399f7376ce79ef944b5e5ba150f6b47564cef53beee589d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4918
Cache-Control: max-age=88145
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:49 GMT
Etag: "63be5200-1d7"
Expires: Fri, 13 Jan 2023 07:28:54 GMT
Last-Modified: Wed, 11 Jan 2023 06:06:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=C593280E560020957F000101%40AdobeOrg&d_nsid=0&ts=1673506774834
34.251.47.116200 OK 309 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=C593280E560020957F000101%40AdobeOrg&d_nsid=0&ts=1673506774834
IP 34.251.47.116:0
File type JSON data\012- , ASCII text, with very long lines (363), with no line terminators
Hash 8ca4c849337fc644b2807d7720676d67
47cd3daefb716ce7b7ca78c7558395c7a89342e7
26d9728577d9da9b63cfa5f7db1d9eb9787e0f46f364ea742e87fb44456438a4
GET /id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=C593280E560020957F000101%40AdobeOrg&d_nsid=0&ts=1673506774834 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.xero.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0ba8f5f7e.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=75633763490479648193773852275729538943; Max-Age=15552000; Expires=Tue, 11 Jul 2023 06:59:49 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: A8eXFoYfRl8=
Content-Length: 309
Connection: keep-alive
cdn.linkedin.oribi.io/partner/206915/domain/xero.com/token
54.230.111.78200 OK 134 B URL HTTP/2 cdn.linkedin.oribi.io/partner/206915/domain/xero.com/token
IP 54.230.111.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bc368687da80a42fd28ca80b414f7a9c
a986ae0334b3c0ab8d22311db219e2b21d7884c7
0e3bc92138383c2d08b32558d0939bdaaa01fce69cc9a12240c666790b77fe15
GET /partner/206915/domain/xero.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Thu, 12 Jan 2023 00:20:19 GMT
access-control-allow-origin: *
cache-control: public, max-age=28676
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6d1CObh8_Lk7mddQERmi-e1ohnkSrqFDZhJE6hiHJDBXbt3RBD49zQ==
age: 23970
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4becd84a00006400050b6782
54.230.111.99200 OK 3.3 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4becd84a00006400050b6782
IP 54.230.111.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12963)
Hash 2922a85ce6caf46f828c097bf7aa1036
afedbac8e6480a8c59cc6ca3359381731f75795b
12d369c3d585d564678ed15f99b53dad29faa1e05475825ccd0e8f4c50cfb779
GET /trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4becd84a00006400050b6782 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 3267
last-modified: Tue, 04 Oct 2022 10:24:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 03:04:50 GMT
cache-control: max-age=86400
etag: "2922a85ce6caf46f828c097bf7aa1036"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dp4YbX12wMR7SXPh6wEpRgYnELq7R8zshZyAfDYRAg-zYDG3Sa9khQ==
age: 14100
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 18e4bb4c5d61ef658677d304e6e3bfbd
a4540cec22acb886d68fa2a2f03897897c051632
0339de8f0fe5bd29e1f16f08d5416e3101e1efd23b1d3246b8d4a598cc7eac46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Last-Modified: Thu, 12 Jan 2023 05:41:43 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
s.yimg.com/wi/config/10175613.json
87.248.119.251200 OK 2 B URL HTTP/2 s.yimg.com/wi/config/10175613.json
IP 87.248.119.251:0
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10175613.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: XK14JJ35JXKX5ZFK
x-amz-id-2: oPJHcMnpIxpJ5zvhIzTe00ZQiNApSjpb7GBSfI4Swk8if6SbNsffLy7uMaDbDAciFg7FGChDYH4=
content-type: application/json
date: Thu, 12 Jan 2023 06:08:00 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 3110
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 369a4ab78242abec248f6b88008a1399
4375b764b0924e68be4cd510f47a82be045576b1
964e5a697a13aebd30c22e520ff45ec6a8de1286913d2fde1edd88f57c9bf47c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 369a4ab78242abec248f6b88008a1399
4375b764b0924e68be4cd510f47a82be045576b1
964e5a697a13aebd30c22e520ff45ec6a8de1286913d2fde1edd88f57c9bf47c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/ytc.js
87.248.119.251200 OK 6.3 kB IP 87.248.119.251:0
ASN #203220 Yahoo! UK Services Limited
Hash f47f52c8b758436bebd4dd62dbcddf89
6de7a5307feaa62247433990436e507ec525f688
0eafa1e96593b62652ad05a069454670215c9f2eddfe52c41320b5b9cfeb9dde
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PNjLQijx9W/NJyL74nVBv8Pt1vAukm3L9c7l9DeuF4PmbMsd8EV2/0q8kn94KLUbeXj0jp22t08=
x-amz-request-id: N9BZTXK49DY9ZJ03
date: Thu, 12 Jan 2023 06:59:34 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 16
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
142.250.74.34200 OK 377 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (674), with no line terminators
Hash 25e62b114f8ac4e137058e0f57b8ce97
54d29d6228fb87f36fe0ddcd6783237559457221
459424e23eac0b8d3f7055809de5cd21038a6d18c15f6e60420c39ab1265a1ac
GET /ddm/fls/i/src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9401320.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
54.230.111.99200 OK 30 kB URL HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
IP 54.230.111.99:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64281), with no line terminators
Hash 5b76b943a9533254775b33e002b1c884
4c884b91ed0762c5380da136c5d09edb9b4fbd14
003b5a563be7a0444ca3be97ace94a5b4ec478009ffa159767c5873ee61e5bdb
GET /trustboxes/53aa8912dec7e10d38f59f36/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4becd84a00006400050b6782
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 29756
last-modified: Tue, 04 Oct 2022 10:24:58 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Thu, 12 Jan 2023 01:15:32 GMT
cache-control: max-age=86400
etag: "5b76b943a9533254775b33e002b1c884"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _Bk7Xh1uC6sWBstW6KwFIGSQEwEGEgOOr7LXGi0RpXdxmKdRVbMPWQ==
age: 20659
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 369a4ab78242abec248f6b88008a1399
4375b764b0924e68be4cd510f47a82be045576b1
964e5a697a13aebd30c22e520ff45ec6a8de1286913d2fde1edd88f57c9bf47c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.co/i/adsct?bci=3&eci=2&event_id=84102485-b269-42f5-90d0-51c28d8753c0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8f342ef7-1d5c-495a-9383-48692da3e394&tw_document_href=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyd4e&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=84102485-b269-42f5-90d0-51c28d8753c0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8f342ef7-1d5c-495a-9383-48692da3e394&tw_document_href=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyd4e&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=84102485-b269-42f5-90d0-51c28d8753c0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8f342ef7-1d5c-495a-9383-48692da3e394&tw_document_href=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyd4e&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:49 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=898793bd-0094-4fcb-a437-4a5509ac4b7e; Max-Age=63072000; Expires=Sat, 11 Jan 2025 06:59:50 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 381fed92dff6c475
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: e608e0ec53be1ebcc833c3e3e9594dd6fcefa897b1259ab23b2ade9f6dbd27b3
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b74439432bea2f73ba866ff819a02714
9bb2d4ae790dfa9f1721b71f248276b15e152bdf
1b68e32ab1afdc1bea5e9d96e07baa5347290f7e3fd8bc2e1a1b32312227305c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zenaps.com/alt.php?mid=20923&sv=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
2.21.192.211200 OK 140 B URL HTTP/1.1 www.zenaps.com/alt.php?mid=20923&sv=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
IP 2.21.192.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 5bd5e5f4d73152b5e075f66ec4a45290
3617f543df770e17d2b458f9319b63fdf15e8217
66a8fc2d460a3647293c50f860a0192744f5164211c8d80af9f84d475957c0ea
GET /alt.php?mid=20923&sv=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5 HTTP/1.1
Host: www.zenaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 140
Date: Thu, 12 Jan 2023 06:59:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default
adservice.google.no/ddm/fls/i/src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9401320;type=pagev0;cat=globa000;ord=1;num=2519057998071;gtm=2wg1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;u7=function(a)%7Ba.set(%22dimension%22%2Bb%2Ca.get(%22clientId%22))%7D;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:50 GMT
expires: Thu, 12 Jan 2023 06:59:50 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9401320;type=pagev0;cat=globa002;match_id=94474ae8-dba6-4147-885e-64043e30e5ba;ord=1;num=9326892233197;gtm=2od1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9401320;type=pagev0;cat=globa002;match_id=94474ae8-dba6-4147-885e-64043e30e5ba;ord=1;num=9326892233197;gtm=2od1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9401320;type=pagev0;cat=globa002;match_id=94474ae8-dba6-4147-885e-64043e30e5ba;ord=1;num=9326892233197;gtm=2od1a1;auiddc=802873212.1673506774;u1=%2Fuk%2F;~oref=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:50 GMT
expires: Thu, 12 Jan 2023 06:59:50 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 41e24a0cfd139513105cdf694b82da27
34be64d972fe555b75ab895175b3b0619253f06a
9a5c64fef0280bbbdb7fd9bed8f304dbc5f4a0fbd018b80e6ae8ad8893a7ca74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zenaps.com/m/20923.gif
2.21.192.211200 OK 43 B URL HTTP/1.1 www.zenaps.com/m/20923.gif
IP 2.21.192.211:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /m/20923.gif HTTP/1.1
Host: www.zenaps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zenaps.com/alt.php?mid=20923&sv=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Allow: GET
ETag: 20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cache-Control: max-age=0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Thu, 12 Jan 2023 06:59:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d441460b4e8e5aaa6f99eaf824c6f5e7
6249e8040df11386bec23124dc63f56af17c3b25
452bfb8834c7a26faece3f2202e0bd4203b97e322b9e7180d8bc470a59f3e54a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1264
Cache-Control: max-age=105391
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Etag: "63bea3a5-139"
Expires: Fri, 13 Jan 2023 12:16:21 GMT
Last-Modified: Wed, 11 Jan 2023 11:55:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
c.go-mpulse.net/api/config.json?key=DXWKX-5MGMF-RCUC3-85Q7G-8PZ8A&d=www.xero.com&t=5578356&v=1.720.0&sl=0&si=92169b18-f9cc-4d4f-83d3-5228bd358d92-rod236&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=534172
23.38.200.138200 OK 609 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=DXWKX-5MGMF-RCUC3-85Q7G-8PZ8A&d=www.xero.com&t=5578356&v=1.720.0&sl=0&si=92169b18-f9cc-4d4f-83d3-5228bd358d92-rod236&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=534172
IP 23.38.200.138:0
File type JSON data\012- , ASCII text, with very long lines (1359), with no line terminators
Hash 670adc0051bcbd59289da1d741103a9c
eede8c01e60f4d335585eaa490ff18170d488986
c18002fb9c5eaa34ef1998a44208517fa94991988f62b5e5e8f40aa0006d5e5d
GET /api/config.json?key=DXWKX-5MGMF-RCUC3-85Q7G-8PZ8A&d=www.xero.com&t=5578356&v=1.720.0&sl=0&si=92169b18-f9cc-4d4f-83d3-5228bd358d92-rod236&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=534172 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 12 Jan 2023 06:59:50 GMT
Content-Length: 609
Connection: keep-alive
Content-Type: application/json
www.xero.com/api/events/v1/
104.110.12.226202 Accepted 0 B URL HTTP/2 www.xero.com/api/events/v1/
IP 104.110.12.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/events/v1/ HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
content-type: text/plain
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMTciLCJhcCI6IjEwMjMzODUxNjAiLCJpZCI6IjNhYjk1NGJlNWFkNmRhNWEiLCJ0ciI6IjMzOTIyNWRlY2Q2YmY5YmFlMWZiZjgyZWI4ODk4YzgwIiwidGkiOjE2NzM1MDY3NzQ4MjYsInRrIjoiMjk5MDE4NyJ9fQ==
traceparent: 00-339225decd6bf9bae1fbf82eb8898c80-3ab954be5ad6da5a-01
tracestate: 2990187@nr=0-1-1962017-1023385160-3ab954be5ad6da5a----1673506774826
Origin: https://www.xero.com
Content-Length: 469
Connection: keep-alive
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~0~YAAQr00kF5FqTBqFAQAA3BfHpAnM/3sojsCESJjS8XNtqDEb5ED3BSQ4vjocexOKEJtQSiIxQcA6pVIy3wRGGVI8Pf7m3uC+hXi0XufnMNR/z3lZpNVfZZkdHWUmflStns/1Pt10tpG/GkGNXbI6XQQ2osrsq/VW7qE4qNAkdRs8KLBvLUJPGJWOWC7kSsnsyEtRcrlUU4wPStg87vtLRehno83FudM7rNvjan43POpYzsfClWgFTdsOn7OeAiJ3wMmjJm7mNIPN5TqzMOaHeKbgQHsMCmDdbcJYNNrZo8ja1FogP8DvQxMhUAiAmXe+19fZ3Guv9iw4se1SPJg7S+PDLVXOVut/f5z75JkoRonR+oT9DjAWrGs1OUgRO3qCErXVYkr5p29jpITkckBqjUJh1nG9y6A=~-1~||1-GZBEaXOFYa-1-10-1000-2||~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472; _gcl_au=1.1.802873212.1673506774
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 202 Accepted
content-type: application/json
content-length: 0
x-amzn-requestid: cc75ecd8-0532-4929-96f7-67ce4d447a45
x-amz-apigw-id: enhsAE4KIAMF4FA=
x-amzn-trace-id: Root=1-63bfafe6-22f176cc3fad45520fb8e3c4
x-amz-cf-pop: ORD58-P7
x-amz-cf-id: 8asS77n-Y28UqznMUe0Lf9gN2DC-AYLE5pAIpk5QRF02ndxB-bbpJA==
cache-control: max-age=3565
expires: Thu, 12 Jan 2023 07:59:15 GMT
date: Thu, 12 Jan 2023 06:59:50 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=504, origin; dur=106
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506789.1ef701f2
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
set-cookie: ak_bmsc=883477717E23467D06769D5F307D9FE6~000000000000000000000000000000~YAAQr00kF7xqTBqFAQAAxhvHpBLyBybY9SHu5Q8jZG5Vle1leJ2KkkyYnHD+IDiBM/bgVJTppVSSsEOLFk9WE9VJYTGcNl2ZNrnsvPRNmatE5hsN3Mlbafx0IizDpk8dhtYTVEByBaKo5mKhQFRNYhQIu+NMuM9TentwOSkfVuW8MJD4U7zf1E/pOoQWIR7AQfzPIBVCUPpXRkqSYTMXRVsmAR1nJxZ3PYvHkuQ3QRZAaVKLd/hXQOEa/cUagWwMe1JMk8Qyos4jc2P+d+ot86Aky72ZVbkRGdBonWSt092UCS67X6J9xt7FRPnT8fwKA62AaT4LSqnQMemdABzWYhjihkMtHApE3f6O9IkD4eN1KrKXXBL/Ju4CjOgN0R3jfKKiy3lbJA==; Domain=.xero.com; Path=/; Expires=Thu, 12 Jan 2023 08:59:49 GMT; Max-Age=7199; HttpOnly
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=en-NZ&styleHeight=100%25&styleWidth=100%25&theme=light&tags=product&stars=4%2C5&schemaType=Organization&sku=Xero&name=Xero&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&referrer=https%3A%2F%2Flkbx.me%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4becd84a00006400050b6782&widgetId=53aa8912dec7e10d38f59f36
54.230.111.99204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=en-NZ&styleHeight=100%25&styleWidth=100%25&theme=light&tags=product&stars=4%2C5&schemaType=Organization&sku=Xero&name=Xero&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&referrer=https%3A%2F%2Flkbx.me%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4becd84a00006400050b6782&widgetId=53aa8912dec7e10d38f59f36
IP 54.230.111.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=en-NZ&styleHeight=100%25&styleWidth=100%25&theme=light&tags=product&stars=4%2C5&schemaType=Organization&sku=Xero&name=Xero&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&referrer=https%3A%2F%2Flkbx.me%2F&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4becd84a00006400050b6782&widgetId=53aa8912dec7e10d38f59f36 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4becd84a00006400050b6782
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Thu, 12 Jan 2023 06:59:49 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OgiqedK1VrEBmbqmhjIPA9NCJluRIYYWJHVMLkOcv5TJKM0jr6oySQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a16093a4145eeb3e8e0a51cfdad107fe
f11fbd784e52cbe308c90872ad31a77b2e07a6be
02c460e80ba2d8f4fb408b56d5037e396d4354e9a6a0d5555b3e7b1b7bf688ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Etag: "63bebb5e-139"
Last-Modified: Thu, 12 Jan 2023 06:53:22 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:49 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=x15vIl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjYyOE0lMkJ3d3BsOE5OdkFESVNaczc1Y1FTYkVtQ2NPNGhXVFhVNmNJSkNH; expires=Tue, 06 Feb 2024 06:59:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 351227
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dc49064232182779cb7f3672579e4cc6
e08e8ad54c9120fb6f1da8a583d6e4c9f28b481a
a7fc73762574c588debf359b4255cd97874be1d97cb4746d90c1f329c1ce290b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Last-Modified: Thu, 12 Jan 2023 05:14:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 93ed158cb6be5ff2524073fefb66a4e9
64a3c98d857b25d6398a4adddd71288ba7b9caa6
6a2289ccb77a533869fffcb29a4967f81922c09a282523c131e7bf664d4b1870
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4116
Cache-Control: max-age=149259
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Etag: "63bf43dd-138"
Expires: Sat, 14 Jan 2023 00:27:29 GMT
Last-Modified: Wed, 11 Jan 2023 23:18:53 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dc49064232182779cb7f3672579e4cc6
e08e8ad54c9120fb6f1da8a583d6e4c9f28b481a
a7fc73762574c588debf359b4255cd97874be1d97cb4746d90c1f329c1ce290b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Last-Modified: Thu, 12 Jan 2023 05:14:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
xerolimited.sc.omtrdc.net/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=C593280E560020957F000101%40AdobeOrg&mid=75641054101649888373769778809705742409&ts=1673506775497
13.37.25.97200 OK 2 B URL HTTP/2 xerolimited.sc.omtrdc.net/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=C593280E560020957F000101%40AdobeOrg&mid=75641054101649888373769778809705742409&ts=1673506775497
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=C593280E560020957F000101%40AdobeOrg&mid=75641054101649888373769778809705742409&ts=1673506775497 HTTP/1.1
Host: xerolimited.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.xero.com
access-control-allow-credentials: true
date: Thu, 12 Jan 2023 06:59:50 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
xero.demdex.net/dest5.html?d_nsid=0
52.210.27.62200 OK 2.8 kB URL HTTP/1.1 xero.demdex.net/dest5.html?d_nsid=0
IP 52.210.27.62:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: xero.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 12 Jan 2023 06:59:50 GMT
DCS: dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: LvkGNgdGQcQ=
Content-Length: 2791
Connection: keep-alive
xero.demdex.net/event?d_dil_ver=9.4&_ts=1673506774841
52.210.27.62200 OK 184 B URL HTTP/1.1 xero.demdex.net/event?d_dil_ver=9.4&_ts=1673506774841
IP 52.210.27.62:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d423c9a71fd1f753241c113b470e71c0
ad61f3b492eb5a79c08e6132e8268a1b697f0a40
c48ffb157192d7810641a7a41dbebe8e5d8e4fa91f9f523e50011262490f3bdf
POST /event?d_dil_ver=9.4&_ts=1673506774841 HTTP/1.1
Host: xero.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 481
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.xero.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 10 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=75633763490479648193773852275729538943; Max-Age=15552000; Expires=Tue, 11 Jul 2023 06:59:50 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: IPXtB1dZStc=
Content-Length: 184
Connection: keep-alive
ag.gbc.criteo.com/newidsd
178.250.6.169200 OK 347 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.169:0
File type JSON data\012- , ASCII text, with very long lines (381), with no line terminators
Hash 7741bbd1cd934b13de836b6bda504b1d
5fb1e044efc47b7f72b28f3dfa7e7a6887f51519
1f8ab3243bfdeeebe500e23de4a2458af407a5e966b7bc7355883034366f3003
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 123323
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 40c97cd4702792e23be8682b91ddec78
c7a949721b7f8e6ed343d878e17845643aea6183
058ddc8a43fc9b1f902b7a2ef921684937814cef1e28a560684665fc9e1d6128
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gem.gbc.criteo.com/newidsd
185.235.84.192200 OK 328 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.192:0
File type JSON data\012- , ASCII text, with very long lines (366), with no line terminators
Hash 08b207c21739ba4e8399e8388a249988
dbaa80cde749f4d140d54a707174a697f9e5aa16
411cfdaaa4dbd6062ae733b204260d5a08d5c784673fd11fbe04924d252d0f89
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 72997
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14
104.110.12.226201 Created 18 B URL HTTP/2 www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14
IP 104.110.12.226:0
File type JSON data\012- , ASCII text
Hash 78b25f4f8b72d4f5826b1d665a46de1d
2703ab1d8a2b3ff3c63a72c2ef50ff1b49ca45c8
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
POST /iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14 HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMTciLCJhcCI6IjEwMjMzODUxNjAiLCJpZCI6IjdmOTVkNjZjYWQyOTY4NjIiLCJ0ciI6IjdlY2I3NmZjMDQxNGU1Yzc3YjkxMDZkYmQ0YWQ3ZGQwIiwidGkiOjE2NzM1MDY3NzU0ODQsInRrIjoiMjk5MDE4NyJ9fQ==
traceparent: 00-7ecb76fc0414e5c77b9106dbd4ad7dd0-7f95d66cad296862-01
tracestate: 2990187@nr=0-1-1962017-1023385160-7f95d66cad296862----1673506775484
Content-Type: text/plain;charset=UTF-8
Content-Length: 3518
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~0~YAAQr00kF5FqTBqFAQAA3BfHpAnM/3sojsCESJjS8XNtqDEb5ED3BSQ4vjocexOKEJtQSiIxQcA6pVIy3wRGGVI8Pf7m3uC+hXi0XufnMNR/z3lZpNVfZZkdHWUmflStns/1Pt10tpG/GkGNXbI6XQQ2osrsq/VW7qE4qNAkdRs8KLBvLUJPGJWOWC7kSsnsyEtRcrlUU4wPStg87vtLRehno83FudM7rNvjan43POpYzsfClWgFTdsOn7OeAiJ3wMmjJm7mNIPN5TqzMOaHeKbgQHsMCmDdbcJYNNrZo8ja1FogP8DvQxMhUAiAmXe+19fZ3Guv9iw4se1SPJg7S+PDLVXOVut/f5z75JkoRonR+oT9DjAWrGs1OUgRO3qCErXVYkr5p29jpITkckBqjUJh1nG9y6A=~-1~||1-GZBEaXOFYa-1-10-1000-2||~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472; _gcl_au=1.1.802873212.1673506774; AMCV_C593280E560020957F000101%40AdobeOrg=870038026%7CMCIDTS%7C19370%7CvVersion%7C5.0.0; _rdt_uuid=1673506774980.d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245; _aw_m_20923=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5; reimagined=1; _ga_Q622B96ZEQ=GS1.1.1673506775.1.0.1673506775.60.0.0; _ga=GA1.1.1090314769.1673506775; _uetsid=ac3dd3b0924611ed97788ba41471c28c; _uetvid=ac3e14b0924611ed90ea95f6434fc846; ak_bmsc=883477717E23467D06769D5F307D9FE6~000000000000000000000000000000~YAAQr00kF7xqTBqFAQAAxhvHpBLyBybY9SHu5Q8jZG5Vle1leJ2KkkyYnHD+IDiBM/bgVJTppVSSsEOLFk9WE9VJYTGcNl2ZNrnsvPRNmatE5hsN3Mlbafx0IizDpk8dhtYTVEByBaKo5mKhQFRNYhQIu+NMuM9TentwOSkfVuW8MJD4U7zf1E/pOoQWIR7AQfzPIBVCUPpXRkqSYTMXRVsmAR1nJxZ3PYvHkuQ3QRZAaVKLd/hXQOEa/cUagWwMe1JMk8Qyos4jc2P+d+ot86Aky72ZVbkRGdBonWSt092UCS67X6J9xt7FRPnT8fwKA62AaT4LSqnQMemdABzWYhjihkMtHApE3f6O9IkD4eN1KrKXXBL/Ju4CjOgN0R3jfKKiy3lbJA==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
x_req_id: 6cc43eef-e7c9-47e0-b211-4b4ad29b1410
date: Thu, 12 Jan 2023 06:59:50 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
server-timing: edge; dur=5, origin; dur=430, cdn-cache; desc=MISS
access-control-allow-origin: https://www.xero.com, *
akamai-grn: 0.af4d2417.1673506790.1ef7026b
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
set-cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~0~YAAQr00kF9BqTBqFAQAAqR3HpAkyV7zTam3M7HyTM47YD1TEL/8WQxLqGlxuuz5IYmIdttYvfdCLSKbMzp14CSzWNZ/oWLt6pi9vdChQrteNfWtC091zJGHjikRGZ3/5D+gYcDIkpcIGKSNXFPnxy/YZp4G3V6gCQ9h9fNVE3zS7jHxX6r7+8ocrG9lgJ4Bxjgh0Q6vhxSH/kk301DgQPVBD8aZcDMNJFeB+2qDTSlkuYupa9cuCt62KsLpAnLizpLA0zb0Y/cpHhMFckMyvU8+2pT2zAQBlSiJD8kHjqEO7Jp+oT+Wdu33DrXXgqkzyX9tFyS/eC8JVWrB55hxnc0/wPRDAvrAi8+SXB4u2hiqhHYaPDKBxD9Z6w6kPHhG2U10cN5mAf5CENXNKVhMNDAnnJzQrzJ0=~-1~||-1||~-1; Domain=.xero.com; Path=/; Expires=Fri, 12 Jan 2024 06:59:50 GMT; Max-Age=31536000; Secure
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-Q622B96ZEQ>m=2oe1a1&_p=122773301&_gaz=1&cid=1090314769.1673506775&ul=en-us&sr=1280x1024&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&sid=1673506775&sct=1&seg=0&dr=https%3A%2F%2Flkbx.me%2F&dt=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_version=reimagined&ep.site_country_code=uk&up.xid=94474ae8-dba6-4147-885e-64043e30e5ba
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-Q622B96ZEQ>m=2oe1a1&_p=122773301&_gaz=1&cid=1090314769.1673506775&ul=en-us&sr=1280x1024&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&sid=1673506775&sct=1&seg=0&dr=https%3A%2F%2Flkbx.me%2F&dt=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_version=reimagined&ep.site_country_code=uk&up.xid=94474ae8-dba6-4147-885e-64043e30e5ba
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Q622B96ZEQ>m=2oe1a1&_p=122773301&_gaz=1&cid=1090314769.1673506775&ul=en-us&sr=1280x1024&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&sid=1673506775&sct=1&seg=0&dr=https%3A%2F%2Flkbx.me%2F&dt=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_version=reimagined&ep.site_country_code=uk&up.xid=94474ae8-dba6-4147-885e-64043e30e5ba HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.xero.com
date: Thu, 12 Jan 2023 06:59:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=4009585&tm=gtm002&Ver=2&mid=5d6c1ed4-5c85-4912-ba4f-062c3f1d3c9b&sid=ac3dd3b0924611ed97788ba41471c28c&vid=ac3e14b0924611ed90ea95f6434fc846&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&p=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&r=https%3A%2F%2Flkbx.me%2F<=3532&evt=pageLoad&sv=1&rn=55735
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=4009585&tm=gtm002&Ver=2&mid=5d6c1ed4-5c85-4912-ba4f-062c3f1d3c9b&sid=ac3dd3b0924611ed97788ba41471c28c&vid=ac3e14b0924611ed90ea95f6434fc846&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&p=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&r=https%3A%2F%2Flkbx.me%2F<=3532&evt=pageLoad&sv=1&rn=55735
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=4009585&tm=gtm002&Ver=2&mid=5d6c1ed4-5c85-4912-ba4f-062c3f1d3c9b&sid=ac3dd3b0924611ed97788ba41471c28c&vid=ac3e14b0924611ed90ea95f6434fc846&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&p=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&r=https%3A%2F%2Flkbx.me%2F<=3532&evt=pageLoad&sv=1&rn=55735 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0953FB36C58366100C7BE9A1C4766708; domain=.bing.com; expires=Tue, 06-Feb-2024 06:59:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D1478F3EDFE4EFB96A24E95E22D6799 Ref B: OSL30EDGE0511 Ref C: 2023-01-12T06:59:50Z
date: Thu, 12 Jan 2023 06:59:50 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 12 Jan 2023 06:41:08 GMT
expires: Thu, 12 Jan 2023 08:41:08 GMT
cache-control: public, max-age=7200
age: 1123
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash d9e314ca3e8b5b3f0d94c5d7aa85fc1b
d8e16c1cecf82ef607c2974c77847d9e9f32c70a
1e79bb936b6bb2014040dc66afd33d13a70a3e84e6f11c49df8c11edf30f4473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:51 GMT
Last-Modified: Thu, 12 Jan 2023 05:14:42 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 41e24a0cfd139513105cdf694b82da27
34be64d972fe555b75ab895175b3b0619253f06a
9a5c64fef0280bbbdb7fd9bed8f304dbc5f4a0fbd018b80e6ae8ad8893a7ca74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/4009585.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/4009585.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/4009585.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=227B76CE932D63BD3C25645992D86260; domain=.bing.com; expires=Tue, 06-Feb-2024 06:59:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18B56884FDF34706995032D02CABAE28 Ref B: OSL30EDGE0511 Ref C: 2023-01-12T06:59:50Z
date: Thu, 12 Jan 2023 06:59:50 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 41e24a0cfd139513105cdf694b82da27
34be64d972fe555b75ab895175b3b0619253f06a
9a5c64fef0280bbbdb7fd9bed8f304dbc5f4a0fbd018b80e6ae8ad8893a7ca74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/pixie?e=LandingPage&pi=a8c07fef-3f0b-43ec-b0fb-3e4bc99c03b5&it=1673506774992&v=0.0.20&u=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&r=https%3A%2F%2Flkbx.me%2F&st=1673506774991&et=1673506774992&if=0
185.89.210.141200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=LandingPage&pi=a8c07fef-3f0b-43ec-b0fb-3e4bc99c03b5&it=1673506774992&v=0.0.20&u=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&r=https%3A%2F%2Flkbx.me%2F&st=1673506774991&et=1673506774992&if=0
IP 185.89.210.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=LandingPage&pi=a8c07fef-3f0b-43ec-b0fb-3e4bc99c03b5&it=1673506774992&v=0.0.20&u=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&r=https%3A%2F%2Flkbx.me%2F&st=1673506774991&et=1673506774992&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 12 Jan 2023 06:59:51 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q622B96ZEQ&cid=1090314769.1673506775>m=2oe1a1&aip=1&z=1323370265
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q622B96ZEQ&cid=1090314769.1673506775>m=2oe1a1&aip=1&z=1323370265
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q622B96ZEQ&cid=1090314769.1673506775>m=2oe1a1&aip=1&z=1323370265 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 06:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D206915%26time%3D1673506774988%26url%3Dhttps%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQK3Y3UYoHTc_QAAAYWkxx6ApsX2tkUV6W398vNfnY7P9YyOB02G_UIUlBNwEjCUhQgMy9GEGuiKCQ; Max-Age=2592000; Expires=Sat, 11 Feb 2023 06:59:51 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQK7i0B5KXBBWQAAAYWkxx6A1IPZ858CW8jG2Lh45bmPWAYtZOtHXL3VlmjMR8Af7yni8qskLe0B1KaUMA_LCA; Max-Age=2592000; Expires=Sat, 11 Feb 2023 06:59:51 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&31e12470-6f04-4697-8734-3e5c0047cf2a"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 12-Jan-2024 06:59:51 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2467:u=1:x=1:i=1673506791:t=1673593191:v=2:sig=AQEZw1FbBB6B_DK11xaOBDvxN2KY4lPh"; Expires=Fri, 13 Jan 2023 06:59:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXyC6nO9/qxlbrF4gYtzA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0A4190D602B447498AFE52220DA658F8 Ref B: OSL30EDGE0309 Ref C: 2023-01-12T06:59:50Z
date: Thu, 12 Jan 2023 06:59:51 GMT
content-length: 0
X-Firefox-Spdy: h2
lkbx.me/rN0N?uid=wuabq6a67nnk6erl2s72o8fc
47.89.248.255200 OK 567 B URL HTTP/2 lkbx.me/rN0N?uid=wuabq6a67nnk6erl2s72o8fc
IP 47.89.248.255:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62dab7ac8a377d9129ef30deb56c52b0
4aef3801096b1ccf4661a3dc9ca9f2b9488ba4c2
bf50846cc87176d3e804a3dfd267d93b2ed86d61a98a935e9b8bd99c4cc5a5e6
Analyzer Verdict Alert fortinet Phishing
GET /rN0N?uid=wuabq6a67nnk6erl2s72o8fc HTTP/1.1
Host: lkbx.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: discuz_2132_saltkey=VCOA9aN6; expires=Sat, 11-Feb-2023 06:59:44 GMT; Max-Age=2592000; path=/; secure; httponly
discuz_2132_lang=en; path=/; secure
discuz_2132_lang=en; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=122773301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&dr=https%3A%2F%2Flkbx.me%2F&ul=en-us&de=UTF-8&dt=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&sd=24-bit&sr=1280x1024&vp=1140x836&je=0&_u=YADAAEABAAAAACgEK~&jid=824208101&gjid=1405497797&cid=1090314769.1673506775&tid=UA-3776042-30&_gid=1782670516.1673506776&_r=1>m=2wg1a1M5JB2B5&cd18=uk&cd23=1&cd24=Free%20Trial&cd28=none%20selected&cd7=1090314769.1673506775&z=772654431
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=122773301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&dr=https%3A%2F%2Flkbx.me%2F&ul=en-us&de=UTF-8&dt=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&sd=24-bit&sr=1280x1024&vp=1140x836&je=0&_u=YADAAEABAAAAACgEK~&jid=824208101&gjid=1405497797&cid=1090314769.1673506775&tid=UA-3776042-30&_gid=1782670516.1673506776&_r=1>m=2wg1a1M5JB2B5&cd18=uk&cd23=1&cd24=Free%20Trial&cd28=none%20selected&cd7=1090314769.1673506775&z=772654431
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=122773301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&dr=https%3A%2F%2Flkbx.me%2F&ul=en-us&de=UTF-8&dt=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&sd=24-bit&sr=1280x1024&vp=1140x836&je=0&_u=YADAAEABAAAAACgEK~&jid=824208101&gjid=1405497797&cid=1090314769.1673506775&tid=UA-3776042-30&_gid=1782670516.1673506776&_r=1>m=2wg1a1M5JB2B5&cd18=uk&cd23=1&cd24=Free%20Trial&cd28=none%20selected&cd7=1090314769.1673506775&z=772654431 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.xero.com
date: Thu, 12 Jan 2023 06:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1673506774982&id=t2_ewwvmnuh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.193.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1673506774982&id=t2_ewwvmnuh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.193.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1673506774982&id=t2_ewwvmnuh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 12 Jan 2023 06:59:51 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1673506774980&id=t2_ewwvmnuh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
151.101.193.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1673506774980&id=t2_ewwvmnuh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8
IP 151.101.193.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1673506774980&id=t2_ewwvmnuh&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_1967aea8 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Thu, 12 Jan 2023 06:59:51 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.7 kB IP 192.124.249.23:0
Hash 1d61bbb42a2ae020722d0095504ca2cf
47a273ae001bfdc3d251699deb18d0456fd50645
d381b8161832664c513db459795d739a1220d75939db055d3e5affccb303658f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 12 Jan 2023 06:59:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 11 Jan 2023 23:29:48 GMT
Expires: Thu, 12 Jan 2023 23:29:48 GMT
ETag: "47a273ae001bfdc3d251699deb18d0456fd50645"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 18c08c488545f7d41fe9b7596d60aa46
144ba45d024aa11cf25b7f425a42904a4df28cb7
cf9eb1468ab9e13d46b8014da2b2609e8eabc8a8229b42560075cbb6425b49e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6467
Cache-Control: max-age=131109
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:51 GMT
Etag: "63bef3c9-1d7"
Expires: Fri, 13 Jan 2023 19:25:00 GMT
Last-Modified: Wed, 11 Jan 2023 17:37:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 49d15953bb681c501a580cec9354b714
8434b3b1ea0a933e0ee6ee38d864fdd93cec679c
69e8e3b6b66a903f7e1b82ad00a1076dc0db910c3c438e35f104f40063ecbd6a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 06:59:51 GMT
Last-Modified: Thu, 12 Jan 2023 05:36:02 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4eMFid3ocz0It-o1QeQGHxh8m2SpTpeApaMMMUjPFh1zX8bF_6brBg==
Age: 5029
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2012%20Jan%202023%2006%3A59%3A35%20GMT&n=0&b=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&.yp=10175613&f=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&e=https%3A%2F%2Flkbx.me%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2012%20Jan%202023%2006%3A59%3A35%20GMT&n=0&b=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&.yp=10175613&f=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&e=https%3A%2F%2Flkbx.me%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Thu%2C%2012%20Jan%202023%2006%3A59%3A35%20GMT&n=0&b=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&.yp=10175613&f=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&e=https%3A%2F%2Flkbx.me%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:51 GMT
expires: Thu, 12 Jan 2023 06:59:51 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOevv2MCEDj8Wu6Qmt4Fm0CMJhn3zpcFEgEBAQEBwWPJYwAAAAAA_eMAAA&S=AQAAAl9vz5ZzCMUokwCMU8bJkdk; Expires=Fri, 12 Jan 2024 12:59:51 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
the.sciencebehindecommerce.com/d9core
52.49.81.2200 11 kB URL HTTP/1.1 the.sciencebehindecommerce.com/d9core
IP 52.49.81.2:0
File type ASCII text, with very long lines (10825), with no line terminators
Hash f34bb87f345e9d26cc7455a6d7fdfcae
0bfbda90cd8351557a6cc06c8cd8fbfe919f51f9
3c8a0a8cd01d73e42c1336f002355b51e4cd0c432df86a14843a5983d061cdab
GET /d9core HTTP/1.1
Host: the.sciencebehindecommerce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,SERVER
Access-Control-Allow-Origin: the.sciencebehindecommerce.com
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Content-Type: application/javascript;charset=utf-8
Date: Thu, 12 Jan 2023 06:59:50 GMT
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
Content-Length: 10825
Connection: keep-alive
xerolimited.tt.omtrdc.net/rest/v1/delivery?client=xerolimited&version=2.3.1&sessionId=f5df91ee-3e74-45a8-9887-076239d7e504
52.50.213.80200 OK 0 B URL HTTP/2 xerolimited.tt.omtrdc.net/rest/v1/delivery?client=xerolimited&version=2.3.1&sessionId=f5df91ee-3e74-45a8-9887-076239d7e504
IP 52.50.213.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /rest/v1/delivery?client=xerolimited&version=2.3.1&sessionId=f5df91ee-3e74-45a8-9887-076239d7e504 HTTP/1.1
Host: xerolimited.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,pragma
Referer: https://www.xero.com/
Origin: https://www.xero.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:51 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.xero.com
access-control-allow-methods: POST
access-control-allow-headers: cache-control, pragma
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=75633763490479648193773852275729538943
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=75633763490479648193773852275729538943
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=75633763490479648193773852275729538943 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Thu, 12 Jan 2023 06:59:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y7_v5wAAAL_dcQNe; Domain=.everesttech.net; Expires=Fri, 12-Jan-2024 06:59:51 GMT; Path=/
everest_session_v2="Y7@v5wAAAL@ddANe"; Version=1; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7_v5wAAAL_dcQNe
Server: AMO-cookiemap/1.1
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=84102485-b269-42f5-90d0-51c28d8753c0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8f342ef7-1d5c-495a-9383-48692da3e394&tw_document_href=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyd4e&type=javascript&version=2.3.29
104.244.42.67200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=84102485-b269-42f5-90d0-51c28d8753c0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8f342ef7-1d5c-495a-9383-48692da3e394&tw_document_href=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyd4e&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=84102485-b269-42f5-90d0-51c28d8753c0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8f342ef7-1d5c-495a-9383-48692da3e394&tw_document_href=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyd4e&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:50 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_7XpDgJ9nzy53axIu4C5JEQ=="; Max-Age=63072000; Expires=Sat, 11 Jan 2025 06:59:51 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: c43897dd04257a28
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 5804cab5dbe5dfd8bf8b485db10ce8cd06f309e4a771543d96c169c6722ff80f
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1154433260;labels=_fp.event.Default;rf=0;a=p-W92Yh-Yvb160e;url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5;ref=https%3A%2F%2Flkbx.me%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1282654184-1673506774996;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;d=xero.com;dst=0;et=1673506776125;tzo=0;ogl=type.website%2Csite_name.Xero%2Ctitle.Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%2Cdescription.Xero%20online%20accounting%20software%20for%20your%20business%20connects%20you%20to%20your%20bank%252C%20acc%2Curl.https%3A%2F%2Fwww%252Exero%252Ecom%2Fuk%2F%2Cimage.https%3A%2F%2Fwww%252Exero%252Ecom%2Fcontent%2Fdam%2Fxero%2Fpilot-images%2Fopengraph%2Fopengraph-xero%252Epng;ses=2a9fbc38-e8ae-4bf7-a63d-98ffeeb480f1
91.228.74.159200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1154433260;labels=_fp.event.Default;rf=0;a=p-W92Yh-Yvb160e;url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5;ref=https%3A%2F%2Flkbx.me%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1282654184-1673506774996;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;d=xero.com;dst=0;et=1673506776125;tzo=0;ogl=type.website%2Csite_name.Xero%2Ctitle.Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%2Cdescription.Xero%20online%20accounting%20software%20for%20your%20business%20connects%20you%20to%20your%20bank%252C%20acc%2Curl.https%3A%2F%2Fwww%252Exero%252Ecom%2Fuk%2F%2Cimage.https%3A%2F%2Fwww%252Exero%252Ecom%2Fcontent%2Fdam%2Fxero%2Fpilot-images%2Fopengraph%2Fopengraph-xero%252Epng;ses=2a9fbc38-e8ae-4bf7-a63d-98ffeeb480f1
IP 91.228.74.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1154433260;labels=_fp.event.Default;rf=0;a=p-W92Yh-Yvb160e;url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5;ref=https%3A%2F%2Flkbx.me%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1282654184-1673506774996;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;d=xero.com;dst=0;et=1673506776125;tzo=0;ogl=type.website%2Csite_name.Xero%2Ctitle.Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%2Cdescription.Xero%20online%20accounting%20software%20for%20your%20business%20connects%20you%20to%20your%20bank%252C%20acc%2Curl.https%3A%2F%2Fwww%252Exero%252Ecom%2Fuk%2F%2Cimage.https%3A%2F%2Fwww%252Exero%252Ecom%2Fcontent%2Fdam%2Fxero%2Fpilot-images%2Fopengraph%2Fopengraph-xero%252Epng;ses=2a9fbc38-e8ae-4bf7-a63d-98ffeeb480f1 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:51 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63bfafe7-3423a-f56d8-fb054; expires=Mon, 12-Feb-2024 06:59:51 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=303901320544451&ev=PageView&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776207&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=303901320544451&ev=PageView&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776207&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=303901320544451&ev=PageView&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776207&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Jan 2023 06:59:51 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=303901320544451&ev=Global%20-%20All%20Reimagined%20Page%20Views&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776213&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=303901320544451&ev=Global%20-%20All%20Reimagined%20Page%20Views&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776213&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=303901320544451&ev=Global%20-%20All%20Reimagined%20Page%20Views&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776213&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Jan 2023 06:59:51 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=303901320544451&ev=referrerSource&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776210&cd[utm_source]=awin&cd[utm_medium]=affiliate&cd[utm_campaign]=uk-d-smb_Linkbux&cd[hostname]=lkbx.me&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=303901320544451&ev=referrerSource&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776210&cd[utm_source]=awin&cd[utm_medium]=affiliate&cd[utm_campaign]=uk-d-smb_Linkbux&cd[hostname]=lkbx.me&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=303901320544451&ev=referrerSource&dl=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&rl=https%3A%2F%2Flkbx.me%2F&if=false&ts=1673506776210&cd[utm_source]=awin&cd[utm_medium]=affiliate&cd[utm_campaign]=uk-d-smb_Linkbux&cd[hostname]=lkbx.me&sw=1280&sh=1024&v=2.9.91&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1673506776205.596937538&it=1673506775007&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Jan 2023 06:59:51 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash be9a0b9d73acc421e250cf496d8790ae
49d152da8d9fbd3ab7a72c6e9bd9551dc6b71fd2
fb4f60f4af7c925990f9e6529449cf24065ebb9666f994de53f9fa7fc1c9e009
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 06:59:51 GMT
Last-Modified: Thu, 12 Jan 2023 05:32:38 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oDTUX8-sAll6tI79ysYgcyv0VMoKbESag6XJ6jcqLuhHpg05n7IbZw==
Age: 5233
the.sciencebehindecommerce.com/lgc
52.49.81.2200 0 B URL HTTP/1.1 the.sciencebehindecommerce.com/lgc
IP 52.49.81.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /lgc HTTP/1.1
Host: the.sciencebehindecommerce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1321
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,POST,SERVER
Access-Control-Allow-Origin: https://www.xero.com
Date: Thu, 12 Jan 2023 06:59:50 GMT
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
set-cookie: _D9J=171527165dd74c6e8a016d4a452b2ccc; path=/; Max-Age=31536000; Expires=Fri, 12-Jan-2024 06:59:51 UTC; SameSite=None;Secure;Domain=sciencebehindecommerce.com
Content-Length: 0
Connection: keep-alive
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D206915%26time%3D1673506774988%26url%3Dhttps%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D206915%26time%3D1673506774988%26url%3Dhttps%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D206915%26time%3D1673506774988%26url%3Dhttps%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&fbb831e7-08b7-4463-8ba5-0b3c9e5afc0a"; Domain=.linkedin.com; Expires=Fri, 12-Jan-2024 06:59:51 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202301120659519f6986f1-aba2-488c-87fd-07fb280e6c0aAQG_uZ3cLPiDfQy1bRuGD97eENo7sYnj"; Domain=.www.linkedin.com; Expires=Fri, 12-Jan-2024 06:59:51 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzM1MDY3OTE7MjswMjGTPvEstEpmZWoRbTjhLfcPRsH/nrIrXS3l9vJWwiarlA==; Domain=.linkedin.com; Expires=Tue, 11 Jul 2023 06:59:51 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2467:u=1:x=1:i=1673506791:t=1673593191:v=2:sig=AQEZw1FbBB6B_DK11xaOBDvxN2KY4lPh"; Expires=Fri, 13 Jan 2023 06:59:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXyC6nSeVjxamJ1TTql2Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B7F0921EEED243ACA8EC302DEB43EF41 Ref B: OSL30EDGE0309 Ref C: 2023-01-12T06:59:51Z
date: Thu, 12 Jan 2023 06:59:51 GMT
content-length: 0
X-Firefox-Spdy: h2
api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Flkbx.me%2F&page=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&page_title=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK
54.230.111.40200 OK 717 B URL HTTP/2 api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Flkbx.me%2F&page=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&page_title=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK
IP 54.230.111.40:0
File type JSON data\012- , ASCII text, with very long lines (3669), with no line terminators
Hash d796aa7d447734f5a67476afa7811d36
97b5abc7729af653d734d72f3a2bdc8fc75881ed
1d9e554f5111d090eac66e42fd9421d564458b80f03e84b0cf7e15d48ae0a49b
POST /api/v2/ip.json?referrer=https%3A%2F%2Flkbx.me%2F&page=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&page_title=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK HTTP/1.1
Host: api.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 63
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json;charset=utf-8
date: Thu, 12 Jan 2023 06:59:51 GMT
server: nginx
access-control-allow-origin: https://www.xero.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source: CENTRAL
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 2023 06:59:51 GMT
vary: Accept-Encoding, Origin
content-encoding: gzip
request-id: f57106da-e66b-4573-aa4e-7bfb81010ff2
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sGpTipt2VcoT1vulq22H9Htij4FIrUcL7uBN9_MTTYvH0D7dVLgA8w==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c050fe2ce0f66482d0903e07dcf984b3
458356c623de93b24ae03602ae524b6f2c443fc1
bf2d39b98ebeb36671f62a834d3a7bd620fb0b16c928d7c7c3da7f3e0a92f842
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 06:59:51 GMT
Last-Modified: Thu, 12 Jan 2023 05:28:20 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gmnFZqoWLEIsxiB4KDwDCN8EvlhQkXVtf6w_RW0cIDlr_PoO09PsKQ==
Age: 5491
match.prod.bidr.io/cookie-sync/demandbase
54.76.69.248303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/demandbase
IP 54.76.69.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/demandbase HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 12 Jan 2023 06:59:51 GMT
location: https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Thu, 12 Jan 2023 07:09:51 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bd1827f425fa89be7c21b7af7240f77d
bf037796abdb0f85a5c994b149b725e899da356d
c13e6fc9bde6243a03616255880ee3c42a13052eb8df12dc9693e1d4f7b7913c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 06:59:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 13:42:57 GMT
Expires: Wed, 18 Jan 2023 13:42:56 GMT
Etag: "bf037796abdb0f85a5c994b149b725e899da356d"
Cache-Control: max-age=541984,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78840305a9120b65-OSL
px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=206915&time=1673506774988&url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&0da0e103-37f5-495f-886b-d0ba3a881b62"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 12-Jan-2024 06:59:51 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2444:u=1:x=1:i=1673506791:t=1673593191:v=2:sig=AQHrTiP_58T4F_MyMuEKGB6Lb1_UqK5j"; Expires=Fri, 13 Jan 2023 06:59:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyC6nVByNsppNHlTeaPw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ECC2FEBE325E431F81C7E9A1DF808C41 Ref B: OSL30EDGE0309 Ref C: 2023-01-12T06:59:51Z
date: Thu, 12 Jan 2023 06:59:51 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
44.209.218.223200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 44.209.218.223:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Thu, 12 Jan 2023 06:59:51 GMT
Content-Length: 27
Connection: keep-alive
id.rlcdn.com/464526.gif
35.244.174.68451 Unavailable For Legal Reasons 0 B IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /464526.gif HTTP/1.1
Host: id.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Thu, 12 Jan 2023 06:59:51 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.xero.com/api/events/v1/
104.110.12.226202 Accepted 0 B URL HTTP/2 www.xero.com/api/events/v1/
IP 104.110.12.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/events/v1/ HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
content-type: text/plain
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5NjIwMTciLCJhcCI6IjEwMjMzODUxNjAiLCJpZCI6ImM3YmU3OGJhN2M0YmJkNDEiLCJ0ciI6IjQ0NzQ5MzgwZTk0NTcxZTYxZmQ0YWY3MTBkZmYwZjIwIiwidGkiOjE2NzM1MDY3NzY0NjcsInRrIjoiMjk5MDE4NyJ9fQ==
traceparent: 00-44749380e94571e61fd4af710dff0f20-c7be78ba7c4bbd41-01
tracestate: 2990187@nr=0-1-1962017-1023385160-c7be78ba7c4bbd41----1673506776467
Origin: https://www.xero.com
Content-Length: 472
Connection: keep-alive
Cookie: _abck=0B3172FD68CCE21DD96DAEFAEFCF4FE5~0~YAAQr00kF9BqTBqFAQAAqR3HpAkyV7zTam3M7HyTM47YD1TEL/8WQxLqGlxuuz5IYmIdttYvfdCLSKbMzp14CSzWNZ/oWLt6pi9vdChQrteNfWtC091zJGHjikRGZ3/5D+gYcDIkpcIGKSNXFPnxy/YZp4G3V6gCQ9h9fNVE3zS7jHxX6r7+8ocrG9lgJ4Bxjgh0Q6vhxSH/kk301DgQPVBD8aZcDMNJFeB+2qDTSlkuYupa9cuCt62KsLpAnLizpLA0zb0Y/cpHhMFckMyvU8+2pT2zAQBlSiJD8kHjqEO7Jp+oT+Wdu33DrXXgqkzyX9tFyS/eC8JVWrB55hxnc0/wPRDAvrAi8+SXB4u2hiqhHYaPDKBxD9Z6w6kPHhG2U10cN5mAf5CENXNKVhMNDAnnJzQrzJ0=~-1~||-1||~-1; bm_sz=9F670F96CFA14EAE1E301C71FAF0DD59~YAAQr00kF2ZqTBqFAQAAWRLHpBKTbEC50okz61ed5+osAkNloBn7mMpq38lECVt3gmS2iUY4fIHyzak+VYYYJGQjYpLAYHeDy1O4U4wrqA/NudPE3RE2wBpZN0bST/UftaXMZI+c9b+AR7QsWWs6ZcFn9L9GYp04rlw1F51ynx5+3a798UV/3biZDkqM89KWNPK3HydMu+o/aa7IU1dm+XD5AO8rthx7Uhg+NqbV8TcO97LvPWWfhP+BfUBO79z4b6HryUcdCCIOykHCtq0R/GxA1bXq1HJTNFNXECjXppVj~3553604~3420472; _gcl_au=1.1.802873212.1673506774; AMCV_C593280E560020957F000101%40AdobeOrg=870038026%7CMCIDTS%7C19370%7CMCMID%7C75641054101649888373769778809705742409%7CMCAAMLH-1674111575%7C6%7CMCAAMB-1674111575%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-1748500309%7CMCOPTOUT-1673513975s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.0; _rdt_uuid=1673506774980.d3e4bc57-b4de-4f0d-bbfd-06bfad8b9245; _aw_m_20923=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5; reimagined=1; _ga_Q622B96ZEQ=GS1.1.1673506775.1.0.1673506775.60.0.0; _ga=GA1.2.1090314769.1673506775; _uetsid=ac3dd3b0924611ed97788ba41471c28c; _uetvid=ac3e14b0924611ed90ea95f6434fc846; ak_bmsc=883477717E23467D06769D5F307D9FE6~000000000000000000000000000000~YAAQr00kF7xqTBqFAQAAxhvHpBLyBybY9SHu5Q8jZG5Vle1leJ2KkkyYnHD+IDiBM/bgVJTppVSSsEOLFk9WE9VJYTGcNl2ZNrnsvPRNmatE5hsN3Mlbafx0IizDpk8dhtYTVEByBaKo5mKhQFRNYhQIu+NMuM9TentwOSkfVuW8MJD4U7zf1E/pOoQWIR7AQfzPIBVCUPpXRkqSYTMXRVsmAR1nJxZ3PYvHkuQ3QRZAaVKLd/hXQOEa/cUagWwMe1JMk8Qyos4jc2P+d+ot86Aky72ZVbkRGdBonWSt092UCS67X6J9xt7FRPnT8fwKA62AaT4LSqnQMemdABzWYhjihkMtHApE3f6O9IkD4eN1KrKXXBL/Ju4CjOgN0R3jfKKiy3lbJA==; AMCVS_C593280E560020957F000101%40AdobeOrg=1; ln_or=eyIyMDY5MTUiOiJkIn0%3D; aam_xero=seg%3D22283268; aam_pilot=seg%3D21533205%2Cseg%3D21533231%2C%3D21689188; aam_uuid=75633763490479648193773852275729538943; cto_bundle=nJBrjF9TeHB4RGtxUEFHNThaejhJcHMzQTI3WUF0NkhRJTJGa25wdGFMNTduN2JBTSUyQk1FMUpaNmMxTmVnUGV6TTBXTElmOG5OYXVEYVZ6Q0Z1bjJxbUh0S2t3enI2cWtacXAwWVVFaVI2WFlWTlNuMmtWMWJrRndxUyUyQnNPQUc2YTdDaWklMkJu; _gid=GA1.2.1782670516.1673506776; _gat_UA-3776042-30=1; _fbp=fb.1.1673506776205.596937538; __qca=P0-1282654184-1673506774996
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 202 Accepted
content-type: application/json
content-length: 0
x-amzn-requestid: 672f2b86-5536-430e-ae77-c98225b000f8
x-amz-apigw-id: enhsNFpoIAMF8yA=
x-amzn-trace-id: Root=1-63bfafe7-4474754c03fc27196dda03ac
x-amz-cf-pop: ORD58-P7
x-amz-cf-id: kjBwBFKtohM0NGZcA2cEk_bc_ZSPvjy7fLMkui7mqW2dIDVp7Yxqlg==
cache-control: max-age=3600
expires: Thu, 12 Jan 2023 07:59:51 GMT
date: Thu, 12 Jan 2023 06:59:51 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=164, origin; dur=124
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506791.1ef70350
link: <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script, <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script
set-cookie: bm_sv=873AB0749533F0F7388ED185C5243815~YAAQr00kF/RqTBqFAQAAAyHHpBII21M59G/uOAewLu1LV1sQ/gRthuKhQ6PoiYFn+8YU1ywZnxa8AtR4iXy1c+inIvSLrxxaPagtk8695z/17NBj8vv+uoE0tAKQ3pGqLsIVpulyQ2WLIF67Dwe7ReROnLi85gnW95CEsxOH2syELNROHwTI6plCKPKQ+DJUBJwUPX595KbkIYoVfEIYP4wLH0boN6VM0uxSuHvpCCDOVMAD0wLPir0rZQkwyQ==~1; Domain=.xero.com; Path=/; Expires=Thu, 12 Jan 2023 08:59:51 GMT; Max-Age=7200; Secure
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7_v5wAAAL_dcQNe
34.251.47.116200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7_v5wAAAL_dcQNe
IP 34.251.47.116:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7_v5wAAAL_dcQNe HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: BJn/7kUDSmc=
Content-Length: 59
Connection: keep-alive
match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
54.76.69.248303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
IP 54.76.69.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/demandbase?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 12 Jan 2023 06:59:51 GMT
location: https://segments.company-target.com/log?vendor=choca&user_id=
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bd1827f425fa89be7c21b7af7240f77d
bf037796abdb0f85a5c994b149b725e899da356d
c13e6fc9bde6243a03616255880ee3c42a13052eb8df12dc9693e1d4f7b7913c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 06:59:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 13:42:57 GMT
Expires: Wed, 18 Jan 2023 13:42:56 GMT
Etag: "bf037796abdb0f85a5c994b149b725e899da356d"
Cache-Control: max-age=541984,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 788403074a030b65-OSL
segments.company-target.com/log?vendor=choca&user_id=
54.230.111.90303 See Other 0 B URL HTTP/1.1 segments.company-target.com/log?vendor=choca&user_id=
IP 54.230.111.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log?vendor=choca&user_id= HTTP/1.1
Host: segments.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Content-Length: 0
Connection: keep-alive
Date: Thu, 12 Jan 2023 06:59:51 GMT
trace-id: 0f48a6442dca6914
Vary: Origin
Location: /validateCookie?vendor=choca&user_id=&verifyHash=d366cbf82b31e9e83b3d50cc780809ce36325098
Set-Cookie: tuuid=69f1dddd-87e7-469a-94cc-09b6ae6e4e6c; Max-Age=63072000; Expires=Sat, 11 Jan 2025 06:59:51 GMT; SameSite=None; Path=/; Domain=.company-target.com; Secure; HTTPOnly
tuuid_lu=1673506791; Max-Age=63072000; Expires=Sat, 11 Jan 2025 06:59:51 GMT; SameSite=None; Path=/; Domain=.company-target.com; Secure; HTTPOnly
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WYR9dUCJct9oj9SG8KiH6bgueA67Kyq1JA5BhW9eFxGuhoPqCnI8tw==
tags.srv.stackadapt.com/saq_pxl?uid=XVsUfradtXcBUl5XS45ldg&is_js=true&landing_url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&t=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&tip=IaHCPHBRXYlKp9peFaLI2xfgjiG4dMLFBKTAO8wHfzs&host=https://www.xero.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo
44.209.218.223200 OK 116 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=XVsUfradtXcBUl5XS45ldg&is_js=true&landing_url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&t=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&tip=IaHCPHBRXYlKp9peFaLI2xfgjiG4dMLFBKTAO8wHfzs&host=https://www.xero.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo
IP 44.209.218.223:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9dfac332ba53300dd79d5a6f96476423
524143eea918b40e128ec00d93275251bb0ab618
58de1c15604e1d625ad854d74c6bc52d7eedc99bd77d10a968771f88c9f8301c
GET /saq_pxl?uid=XVsUfradtXcBUl5XS45ldg&is_js=true&landing_url=https%3A%2F%2Fwww.xero.com%2Fuk%2F%3Futm_source%3Dawin%26utm_medium%3Daffiliate%26utm_campaign%3Duk-d-smb_Linkbux%26awc%3D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&t=Accounting%20Software%20%E2%80%93%20Do%20Beautiful%20Business%20%7C%20Xero%20UK&tip=IaHCPHBRXYlKp9peFaLI2xfgjiG4dMLFBKTAO8wHfzs&host=https://www.xero.com&sa-user-id-v2=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo&sa-user-id=s%253A.o6W7wkJsHSTU4%252BLlDruZ%252FwNjVcUZZMvakQpSatDoAgo HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.xero.com
Content-Type: text/plain; charset=utf-8
Date: Thu, 12 Jan 2023 06:59:51 GMT
Set-Cookie: sa-user-id=s%3A0-497a07ab-47cf-45c8-5922-64e14cb25892.qXKAYGGQUREUGOASzPeunqP0cGE4zKJF1pBnlir82kc; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3ASXoHq0fPRchZImThTLJYkltaKpo.JZedLYtLbGAiR8lFh7R5qjP2uEpJ1hyIV4cSHX%2FT8EQ; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 116
Connection: keep-alive
tags.srv.stackadapt.com/sa.jpeg
44.209.218.223200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 44.209.218.223:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash f8cc552a5afb33a9d92f7d053a6692a4
2017adc21e96a713261ea5b2b75e16743e6d6762
3cf7ec27bfedb704ff6b1b18b8241aacfa4d9b55ebdaa8235a48d3883802ccb0
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Origin: https://www.xero.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Thu, 12 Jan 2023 06:59:52 GMT
Content-Length: 651
Connection: keep-alive
segments.company-target.com/validateCookie?vendor=choca&user_id=&verifyHash=d366cbf82b31e9e83b3d50cc780809ce36325098
54.230.111.90204 No Content 0 B URL HTTP/1.1 segments.company-target.com/validateCookie?vendor=choca&user_id=&verifyHash=d366cbf82b31e9e83b3d50cc780809ce36325098
IP 54.230.111.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /validateCookie?vendor=choca&user_id=&verifyHash=d366cbf82b31e9e83b3d50cc780809ce36325098 HTTP/1.1
Host: segments.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Date: Thu, 12 Jan 2023 06:59:52 GMT
trace-id: 2a9b0c3714cf82ca
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4fouINBehy7Dt_GnSbHmzB6DBMyQWER9eCOIm6F3RfmV7-y-wxBnuw==
js-agent.newrelic.com/nr-spa-1210.min.js
151.101.130.137200 OK 16 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1210.min.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (32003)
Hash 7dc43edf7b434d3ee43d7c33026b7e84
69276d47de19be73cc7479084441f333e28542cd
7d613080c1440eba0ce5f3f4327abcc5849b225746444bb2c5de2f2849a76c71
GET /nr-spa-1210.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qVEGqI/FjBSX/aGnQeDGqTze4hmCzm5HrdMXHL3frl7niesPO+nM6fZYvia6KUygTNZhqFVFfe8=
x-amz-request-id: 0VBZCTVTFQ55DEJR
last-modified: Tue, 22 Jun 2021 22:47:08 GMT
etag: "d5eff122d09ab2c851fb1780f0287cbf"
x-amz-version-id: S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 12 Jan 2023 06:59:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1637-BMA
x-cache: HIT
x-cache-hits: 17
x-timer: S1673506792.171081,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 15563
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ca5721f829b2d9769695a2d18e0a4b0
4bafce6869fa0fe36f6260523d2d983c58bf1631
764b01aaf50dc7c53df08e861aaf02a6b6c8e6f11fa73faf4be75924c58a8a52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "764B01AAF50DC7C53DF08E861AAF02A6B6C8E6F11FA73FAF4BE75924C58A8A52"
Last-Modified: Wed, 11 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3044
Expires: Thu, 12 Jan 2023 07:50:36 GMT
Date: Thu, 12 Jan 2023 06:59:52 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 6c10e1bc1cb169a0956b3aaa429ef42b
153b13388b19bff5fa246d9414aa8e1d21e8fd1f
6e3aaf6187720fdd991b22ed027cad7a30db7ced5e1fa0e3abe9dbaee23a9218
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 12 Jan 2023 06:59:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 11 Jan 2023 23:32:50 GMT
Expires: Thu, 12 Jan 2023 23:32:50 GMT
ETag: "153b13388b19bff5fa246d9414aa8e1d21e8fd1f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
matching.ivitrack.com/sync?realm=criteo&uid=k-0EeKq_Q4F4eM_tbt80yH5tJmCE9ZJpHiTAlB4g
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-0EeKq_Q4F4eM_tbt80yH5tJmCE9ZJpHiTAlB4g
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-0EeKq_Q4F4eM_tbt80yH5tJmCE9ZJpHiTAlB4g HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 12 Jan 2023 06:59:51 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
02179914.akstat.io/
23.38.200.138204 No Content 0 B IP 23.38.200.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 02179914.akstat.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 17601
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.xero.com
x-xss-protection: 0
access-control-allow-credentials: true
timing-allow-origin: *
content-type: image/gif
expires: Thu, 12 Jan 2023 06:59:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 12 Jan 2023 06:59:52 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ca5721f829b2d9769695a2d18e0a4b0
4bafce6869fa0fe36f6260523d2d983c58bf1631
764b01aaf50dc7c53df08e861aaf02a6b6c8e6f11fa73faf4be75924c58a8a52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "764B01AAF50DC7C53DF08E861AAF02A6B6C8E6F11FA73FAF4BE75924C58A8A52"
Last-Modified: Wed, 11 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3044
Expires: Thu, 12 Jan 2023 07:50:36 GMT
Date: Thu, 12 Jan 2023 06:59:52 GMT
Connection: keep-alive
02179914.akstat.io/
23.38.200.138204 No Content 0 B IP 23.38.200.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 02179914.akstat.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1687
Origin: https://www.xero.com
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.xero.com
x-xss-protection: 0
access-control-allow-credentials: true
timing-allow-origin: *
content-type: image/gif
expires: Thu, 12 Jan 2023 06:59:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 12 Jan 2023 06:59:52 GMT
X-Firefox-Spdy: h2
tag.demandbase.com/4cdf254ff02939a3.min.js
54.230.111.54200 OK 18 kB URL HTTP/2 tag.demandbase.com/4cdf254ff02939a3.min.js
IP 54.230.111.54:0
File type ASCII text, with very long lines (31940)
Hash 0d3755159d70e1e28b7ea5ad9a712c43
bc6beb5fe3f6647fef395204d9ac031472bf281d
8fb59a82a291dbe66152cdc6b283d19b66b7f762d5766bcfe8539a11f8d8519b
GET /4cdf254ff02939a3.min.js HTTP/1.1
Host: tag.demandbase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Oct 2022 08:56:53 GMT
x-amz-version-id: jx7mT5slWIimvSqft91E.3p3vzRXTnUs
server: AmazonS3
content-encoding: gzip
date: Thu, 12 Jan 2023 06:01:16 GMT
cache-control: public, max-age=3600
etag: W/"c7f9300710c429499af3a850c712b59c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KQpEGcM9UpLTeh2cIh3_90pkHeindvTa68GgQquw6UPf0gKqw5Dybg==
age: 3516
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 12 Jan 2023 06:59:52 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 837410
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-K-pMavQ4F4eM_tbt80yH5tJmCE_FYSh5Z4Xn2w
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-K-pMavQ4F4eM_tbt80yH5tJmCE_FYSh5Z4Xn2w
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-K-pMavQ4F4eM_tbt80yH5tJmCE_FYSh5Z4Xn2w HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3165083923580290000V10; Expires=Fri, 12 Jan 2024 06:59:52 GMT; domain=.media.net; Path=/;
data-c-ts=1673506792;Expires=Sat, 11 Feb 2023 06:59:52 GMT;path=/;domain=.media.net;
data-c=k-K-pMavQ4F4eM_tbt80yH5tJmCE_FYSh5Z4Xn2w~~3;Expires=Sat, 11 Feb 2023 06:59:52 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 12 Jan 2023 06:59:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 12 Jan 2023 06:59:52 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0336e8d402673b0ec709576eb826d374
78d3fd732786d2474e16ac4887348f5aaec6d856
feec8b790ff33583fa14c191057e80fc9156ef297fb3c4f7e520f83d561b54bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 06:59:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
qvdt3feo.com/events.js
44.194.94.225200 OK 0 B IP 44.194.94.225:0
GET /events.js HTTP/1.1
Host: qvdt3feo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:51 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=70220&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Flkbx.me&p1=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p2=e%3Ddis&adce=1&bundle=nJBrjF9TeHB4RGtxUEFHNThaejhJcHMzQTI3WUF0NkhRJTJGa25wdGFMNTduN2JBTSUyQk1FMUpaNmMxTmVnUGV6TTBXTElmOG5OYXVEYVZ6Q0Z1bjJxbUh0S2t3enI2cWtacXAwWVVFaVI2WFlWTlNuMmtWMWJrRndxUyUyQnNPQUc2YTdDaWklMkJu&tld=xero.com&fu=https%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&pu=https%253A%252F%252Flkbx.me%252F&dtycbr=47511
178.250.0.163200 OK 0 B URL HTTP/2 sslwidget.criteo.com/event?a=70220&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Flkbx.me&p1=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p2=e%3Ddis&adce=1&bundle=nJBrjF9TeHB4RGtxUEFHNThaejhJcHMzQTI3WUF0NkhRJTJGa25wdGFMNTduN2JBTSUyQk1FMUpaNmMxTmVnUGV6TTBXTElmOG5OYXVEYVZ6Q0Z1bjJxbUh0S2t3enI2cWtacXAwWVVFaVI2WFlWTlNuMmtWMWJrRndxUyUyQnNPQUc2YTdDaWklMkJu&tld=xero.com&fu=https%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&pu=https%253A%252F%252Flkbx.me%252F&dtycbr=47511
IP 178.250.0.163:0
GET /event?a=70220&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Flkbx.me&p1=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p2=e%3Ddis&adce=1&bundle=nJBrjF9TeHB4RGtxUEFHNThaejhJcHMzQTI3WUF0NkhRJTJGa25wdGFMNTduN2JBTSUyQk1FMUpaNmMxTmVnUGV6TTBXTElmOG5OYXVEYVZ6Q0Z1bjJxbUh0S2t3enI2cWtacXAwWVVFaVI2WFlWTlNuMmtWMWJrRndxUyUyQnNPQUc2YTdDaWklMkJu&tld=xero.com&fu=https%253A%252F%252Fwww.xero.com%252Fuk%252F%253Futm_source%253Dawin%2526utm_medium%253Daffiliate%2526utm_campaign%253Duk-d-smb_Linkbux%2526awc%253D20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&pu=https%253A%252F%252Flkbx.me%252F&dtycbr=47511 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:50 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 17081940
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.159200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.159:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:49 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
expires: Thu, 19 Jan 2023 06:59:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=www.xero.com&origin=onetag
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.xero.com&origin=onetag
IP 178.250.0.157:0
GET /syncframe?topUrl=www.xero.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:50 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=9fac3aba-c070-4ebb-b6f0-38f89bf7f675; expires=Tue, 06 Feb 2024 06:59:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 712146
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
104.110.12.226200 OK 0 B URL HTTP/2 www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
IP 104.110.12.226:0
GET /uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5 HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lkbx.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html;charset=utf-8
etag: "5e1f4-5f208eba6235e-gzip"
link: <https://www.xero.com/iR3GaEPgk/eG4jRQNGQ/iNrYSfp2r7ua/E0B3bzkhJAE/Yl8gfCk/wE14>; rel=preload; as=script, <https://www.xero.com/_sec/cp_challenge/sec-3-8.css>; rel=preload; as=style, <https://www.xero.com/_sec/cp_challenge/sec-cpt-3-8.js>; rel=preload; as=script
akamai-grn: 0.af4d2417.1673506785.1ef6ff07
access-control-allow-origin: *
server-timing: edge; dur=173, cdn-cache; desc=HIT
vary: Accept-Encoding
x-akamai-transformed: 9 56755 0 pmb=mTOE,3mRUM,1
x-vhost: publish
x-frame-options: SAMEORIGIN
x-dispatcher: dispatcher1uswest2
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=1046
expires: Thu, 12 Jan 2023 07:17:13 GMT
date: Thu, 12 Jan 2023 06:59:47 GMT
X-Firefox-Spdy: h2
www.xero.com/static/1670816147/js/bundle.js
104.110.12.226200 OK 0 B URL HTTP/2 www.xero.com/static/1670816147/js/bundle.js
IP 104.110.12.226:0
GET /static/1670816147/js/bundle.js HTTP/1.1
Host: www.xero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-amz-id-2: WML28D6J3rAg5m1x3+kT+ifICpt326rZ21JLt4v7RfdWYBtnPFb3wEpCGaRW/Mh1C4IHaBLG43U=
x-amz-request-id: TQXSJH0S75J5XPGP
last-modified: Mon, 12 Dec 2022 04:04:10 GMT
etag: "2ca2743422291d10269dde0e728e11fc"
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 12 Jan 2024 06:59:48 GMT
date: Thu, 12 Jan 2023 06:59:48 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2
access-control-allow-origin: *
akamai-grn: 0.af4d2417.1673506787.1ef70066
X-Firefox-Spdy: h2
www.dwin1.com/20923.js
54.230.111.8200 OK 0 B IP 54.230.111.8:0
GET /20923.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Fri, 06 Jan 2023 12:03:40 GMT
x-amz-version-id: v3JRuDPMLO65IoH_XIAluMpeHsIPKj3B
server: AmazonS3
content-encoding: gzip
date: Thu, 12 Jan 2023 06:59:48 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"8d84baf6b45f7ba43435f27cb78bb73b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cvQ8S2OWMUivT5-rMqOC8yl1-zm2SgjGfwmupP48X93nrpFnFvosaQ==
age: 502
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-W92Yh-Yvb160e.js
54.230.111.47200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-W92Yh-Yvb160e.js
IP 54.230.111.47:0
GET /rules-p-W92Yh-Yvb160e.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 15:29:21 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Thu, 12 Jan 2023 06:19:00 GMT
cache-control: max-age=3600
etag: W/"6eafacfe7d21f1b942a0d5e1d14679ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VvRHFc3oSvAWv9FzEkOdX_qRSrxG1QDbXog56LNsDhEsDp3DPR33Pg==
age: 2626
X-Firefox-Spdy: h2
xerolimited.tt.omtrdc.net/rest/v1/delivery?client=xerolimited&version=2.3.1&sessionId=f5df91ee-3e74-45a8-9887-076239d7e504
52.50.213.80200 OK 0 B URL HTTP/2 xerolimited.tt.omtrdc.net/rest/v1/delivery?client=xerolimited&version=2.3.1&sessionId=f5df91ee-3e74-45a8-9887-076239d7e504
IP 52.50.213.80:0
POST /rest/v1/delivery?client=xerolimited&version=2.3.1&sessionId=f5df91ee-3e74-45a8-9887-076239d7e504 HTTP/1.1
Host: xerolimited.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xero.com/
pragma: no-cache
cache-control: no-cache
content-type: text/plain
Origin: https://www.xero.com
Content-Length: 495
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:51 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://www.xero.com
access-control-allow-credentials: true
x-request-id: 64c3d01b5ec6af468d5e7aed70cd7966
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=4becd84a00006400050b6782&locale=en-NZ&reviewStars=4%2C5&reviewTagValue=product&includeReviews=true&reviewsPerPage=15
54.230.111.99200 OK 0 B URL HTTP/2 widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=4becd84a00006400050b6782&locale=en-NZ&reviewStars=4%2C5&reviewTagValue=product&includeReviews=true&reviewsPerPage=15
IP 54.230.111.99:0
GET /trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=4becd84a00006400050b6782&locale=en-NZ&reviewStars=4%2C5&reviewTagValue=product&includeReviews=true&reviewsPerPage=15 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4becd84a00006400050b6782
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
content-encoding: gzip
date: Thu, 12 Jan 2023 06:31:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: "1d7296bfc9f2436e14bebf2ec5f0eaa6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VOmeenq2NlsKDTVQWxlmPTDpwdvB0nfPmn6vfFPRQnNMZGgscLYL_A==
age: 1707
X-Firefox-Spdy: h2
tracking.g2crowd.com/attribution_tracking/conversions/4647.js?p=https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&e=undefined
104.18.31.73200 OK 0 B URL HTTP/2 tracking.g2crowd.com/attribution_tracking/conversions/4647.js?p=https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&e=undefined
IP 104.18.31.73:0
GET /attribution_tracking/conversions/4647.js?p=https://www.xero.com/uk/?utm_source=awin&utm_medium=affiliate&utm_campaign=uk-d-smb_Linkbux&awc=20923_1673506784_e6901f2c334e2a86eb35fca2637d2bb5&e=undefined HTTP/1.1
Host: tracking.g2crowd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:49 GMT
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-request-id: 5fa30545-8ae8-4548-8617-d2203ba0d3d1
x-runtime: 0.003003
strict-transport-security: max-age=604800
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-cache-status: DYNAMIC
set-cookie: _session_id=8b5da2ee1c27999ef1a3bd478fd6f38e; path=/; expires=Thu, 26 Jan 2023 06:59:49 GMT; HttpOnly; secure; SameSite=None
__cf_bm=pIsFkFjbSYBhSf7pFgDSNneb_a2vVi_ZzydyreFboCM-1673506789-0-AUj1eqQNEvl+BEpz1P+1STihBlCJHfzGaMvlNSlRsm25h9h+tH2PwrUz1FMQ3xeXBLtTD0esEeJiipm24SX8v+4=; path=/; expires=Thu, 12-Jan-23 07:29:49 GMT; domain=.g2crowd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 788402f50dc2fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=x15vIl80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjYyOE0lMkJ3d3BsOE5OdkFESVNaczc1Y1FTYkVtQ2NPNGhXVFhVNmNJSkNH
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 12 Jan 2023 06:59:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=igHCn180M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQjYyOE0lMkJ3d3BsOE5OdkFESVNaczc0T1Zzd1UxJTJCaDJQSzJyNjZGdFZINEE; expires=Tue, 06 Feb 2024 06:59:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 377453
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2