jackbequickbooks.com/
15.197.142.173301 Moved Permanently 69 B IP 15.197.142.173:0
File type HTML document, ASCII text
Hash 0be078d929ffb595c9893b4ee4de9402
3b390ef8f862a2a5cc6004f3dba906237899be1d
33e9230c7280aea3cc106f2b1225f59765d2f6698e9644124bac956b5845d415
GET / HTTP/1.1
Host: jackbequickbooks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 13:43:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 69
Connection: keep-alive
Location: https://www.financialf.com/support
Server: ip-100-74-2-150.eu-west-2.compute.internal
X-Request-Id: d0205d14-078a-4a3b-b138-5bf64e2a0638
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12023
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15929
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 13:35:43 GMT
content-type: application/json
age: 469
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11165
Expires: Mon, 30 Jan 2023 16:49:37 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ThbW1n8xkb/milBYmeopjRMfaTRGdGSwQzoHkoua3T/Kjjm050JAJYNkzZCP/Mz6zu/Il62Xni2+NjkTwQrSCg==
x-amz-request-id: SVJ7M5VTJE4GQHMW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 12:50:44 GMT
age: 3168
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:43:32 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.financialf.com/support
198.49.23.145200 OK 15 kB URL HTTP/2 www.financialf.com/support
IP 198.49.23.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15388)
Hash b040d00444269e4a22489ecd627bc875
ecb12ae88fa5761b35a6b6293193e4bee82bceac
37b632b25fc70f011b68b42384763eb9b26a81107c4e520ed2a36a36f450ce55
GET /support HTTP/1.1
Host: www.financialf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
accept-ranges: bytes
age: 638
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 30 Jan 2023 13:32:53 GMT
etag: W/"3636a6bc16222e6adb23dcb434ad68f7--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: TM11ApY7/3suD2XOe
content-length: 15151
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 12:49:04 GMT
age: 3268
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 698f00d6646a025148eea00586ed98a5
282030ec7c66514647d917586a1c6462046707dc
abbbb6fedf883f3bc33af23e0cadf0dafa155c4e1fe25d8766b965fb5b91b87b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:32 GMT
Last-Modified: Mon, 30 Jan 2023 11:56:15 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10797
Expires: Mon, 30 Jan 2023 16:43:29 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
assets.squarespace.com/universal/styles-compressed/commerce-42e904b2189a7c1684dd6-min.en-US.css
104.88.26.232200 OK 6.8 kB URL HTTP/1.1 assets.squarespace.com/universal/styles-compressed/commerce-42e904b2189a7c1684dd6-min.en-US.css
IP 104.88.26.232:0
File type ASCII text, with very long lines (17437), with no line terminators
Hash 5f7edc78741eba31a70f333bcf16efef
4cabcc8563f688b38691814662ef882a8fa06515
e8c91c224b3c24e55395030de9adeae5cd1b212b470232938a6af008d50d1c06
GET /universal/styles-compressed/commerce-42e904b2189a7c1684dd6-min.en-US.css HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 27 Jun 2022 22:26:20 GMT
ETag: "5f7edc78741eba31a70f333bcf16efef"
Content-Type: text/css
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 6764
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 07:28:22 GMT
expires: Fri, 26 Jan 2024 07:28:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 368110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js
104.88.26.232200 OK 19 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (45105)
Hash 931f7c2c99416e9ee0ec23b0998b4385
427659387172b8d4cbacc2aebcc0ae86a2b6ac7d
9ad201613c64671e4bbe5c222b197cd18d39df94dc640bd586b4624af7450017
GET /universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 18910
Server: UploadServer
Last-Modified: Fri, 27 Jan 2023 22:46:07 GMT
ETag: "931f7c2c99416e9ee0ec23b0998b4385"
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
104.88.26.232200 OK 24 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ed50d686d52e72628c6a3bead3317fef
3f92303562b81a10265770d4e03bbb025389395b
3e3d52e4084223b62d01144a3cb828c47df819da2d2dd704bde4673be0abb6dc
GET /universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 18 Jan 2023 14:53:02 GMT
ETag: "ed50d686d52e72628c6a3bead3317fef"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 24388
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
use.typekit.net/ik/DRqMvtbFknIBITu3NHzrzijRXrEBvctxTnV8q1IEjnGfeTvIfFHN4UJLFRbh52jhWD9ujQ9ajQJ3ZQsKw26UwR6ojQjhwAjtwy7HMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-cND-YmyOAlCjWJldhjU-PoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeZTdcB0jh8ydej0jhNlOeTzShyujPundeBkOANcwAq0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoc-AoydcFTjAUcOcFzdPUaiaS0-cND-YmyOAlCjWJldhjU-PoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXK2YgkdayTdAIldcNhjPG4f5J7IMMjMkMfH6qJn3IbMg6IJMJ7fbKlMsMMeMj6MKG4fJCgIMMjgkMfH6qJ7bIbMg6JJMJ7fbRRHyMMeMX6MKG4fOMgIMMj2KMfH6qJRMIbMg6sJMHbMLLsDZXe.js
95.101.11.120200 OK 6.9 kB URL HTTP/2 use.typekit.net/ik/DRqMvtbFknIBITu3NHzrzijRXrEBvctxTnV8q1IEjnGfeTvIfFHN4UJLFRbh52jhWD9ujQ9ajQJ3ZQsKw26UwR6ojQjhwAjtwy7HMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-cND-YmyOAlCjWJldhjU-PoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeZTdcB0jh8ydej0jhNlOeTzShyujPundeBkOANcwAq0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoc-AoydcFTjAUcOcFzdPUaiaS0-cND-YmyOAlCjWJldhjU-PoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXK2YgkdayTdAIldcNhjPG4f5J7IMMjMkMfH6qJn3IbMg6IJMJ7fbKlMsMMeMj6MKG4fJCgIMMjgkMfH6qJ7bIbMg6JJMJ7fbRRHyMMeMX6MKG4fOMgIMMj2KMfH6qJRMIbMg6sJMHbMLLsDZXe.js
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2489)
Hash 3f848c545355b0877e2b2dcde59d1007
c370b0ec47008aefd4e9468a19f1a798f88729e3
1c0804d05a66bb397515a62c3f888f4bb70cbd384eb51bdcf24231916dfb781c
GET /ik/DRqMvtbFknIBITu3NHzrzijRXrEBvctxTnV8q1IEjnGfeTvIfFHN4UJLFRbh52jhWD9ujQ9ajQJ3ZQsKw26UwR6ojQjhwAjtwy7HMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0-cND-YmyOAlCjWJldhjU-PoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeZTdcB0jh8ydej0jhNlOeTzShyujPundeBkOANcwAq0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoc-AoydcFTjAUcOcFzdPUaiaS0-cND-YmyOAlCjWJldhjU-PoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXK2YgkdayTdAIldcNhjPG4f5J7IMMjMkMfH6qJn3IbMg6IJMJ7fbKlMsMMeMj6MKG4fJCgIMMjgkMfH6qJ7bIbMg6JJMJ7fbRRHyMMeMX6MKG4fOMgIMMj2KMfH6qJRMIbMg6sJMHbMLLsDZXe.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6858
date: Mon, 30 Jan 2023 13:43:32 GMT
X-Firefox-Spdy: h2
static1.squarespace.com/static/ta/5016d42984ae3ecc9e018d91/1670/scripts/site-bundle.js
104.88.26.232200 OK 28 kB URL HTTP/2 static1.squarespace.com/static/ta/5016d42984ae3ecc9e018d91/1670/scripts/site-bundle.js
IP 104.88.26.232:0
File type Unicode text, UTF-8 text, with very long lines (32081), with LF, NEL line terminators
Hash a701008e1254b8980348ddc68652f8bd
df5e9dc282570051c6db0f8710059057cee9cfee
9ad330a001160b09dc1caaa2526f5d02d83767e8250b4de7934d21e7f5506fbc
GET /static/ta/5016d42984ae3ecc9e018d91/1670/scripts/site-bundle.js HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
pragma: cache
server: Squarespace
strict-transport-security: max-age=0
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: 9ItIeEAK/WFPHZKpr
content-length: 28545
cache-control: public, max-age=91258561
date: Mon, 30 Jan 2023 13:43:32 GMT
vary: Accept-Encoding, "Accept-Encoding"
tracepoint: "Akamai"
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
104.88.26.232200 OK 82 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (65202)
Hash c7db15035020752c23874ffad6594fb7
6b9a1745bf7dada475358d4cbdb9dfa4f6d5393f
524bac3cd54e26cd73c0fa3a4fbece0198ab0180defc7a4ad93e287a080defa2
GET /universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 81885
Server: UploadServer
Last-Modified: Wed, 18 Jan 2023 14:51:49 GMT
ETag: "c7db15035020752c23874ffad6594fb7"
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
104.88.26.232200 OK 42 kB URL HTTP/1.1 assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
IP 104.88.26.232:0
File type Unicode text, UTF-8 text, with very long lines (43878), with NEL line terminators
Hash fe0d53a94823df972dbf107bf190771a
0ae461e408323c0dd10c6ccfb0a673c6d0a173bf
8cb58343dcef08e359f0abd73b1218780ca7ea4eab16f2d9d43ffc272ad91206
GET /@sqs/polyfiller/1.6/modern.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 31 Oct 2022 21:19:57 GMT
ETag: "fe0d53a94823df972dbf107bf190771a"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 42447
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
www.googletagmanager.com/gtag/js?id=AW-962116671
142.250.74.168200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-962116671
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash cd5be68e62dab562da328706250d308a
3bc4252faa0561754d4de209c916e6a2213fd460
f89b0c91e482db3f1e20a64e54d7c66908c4114b0c2e0fbf1d6b758ff9a627a7
GET /gtag/js?id=AW-962116671 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 13:43:32 GMT
expires: Mon, 30 Jan 2023 13:43:32 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/performance-0f5642c830ad27845ce87-min.en-US.js
104.88.26.232200 OK 69 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/performance-0f5642c830ad27845ce87-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (57959)
Hash 0aabe7e7cfdb64b60fe8a714d627a462
87d237b3ec46fdd2d78814786a471bf5d8f43e63
509124ac2b187fbdec41c4d472ebc748b650253f66cd81966c2fe77c6b5d316c
GET /universal/scripts-compressed/performance-0f5642c830ad27845ce87-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 68743
Server: UploadServer
Last-Modified: Tue, 24 Jan 2023 17:18:53 GMT
ETag: "0aabe7e7cfdb64b60fe8a714d627a462"
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:33 GMT
Date: Mon, 30 Jan 2023 13:43:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js
104.88.26.232200 OK 208 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 208 kB (208529 bytes)
Hash 37bb360943cd7fcc23830497b6687337
c34d9260516e9e93a23220fb6271f23ec287a1d8
6cc0096deaf29ccc12dc7e8bdf86775ab758d9f1566a5c86bca92719b5568924
GET /universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Server: UploadServer
Last-Modified: Fri, 27 Jan 2023 18:16:51 GMT
ETag: W/"672b98ce7a18a6cb652a1e5f2c6d4e26"
Content-Type: text/javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.84.138.44101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.84.138.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O27aA8g09KPZM5S2VWMfaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QI/OFEgYXiW8rbX8JhG83j1T17M=
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6de2c2e35bb57238d02da558bef735a2
26bf80be54a0729dcb4554e0b6ee504294330c92
966f1222d595b0641a0c636f678b4facf29e256bdab08eb207093f9ecc294d8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 13:43:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 12:26:08 GMT
Expires: Sun, 05 Feb 2023 12:26:07 GMT
Etag: "26bf80be54a0729dcb4554e0b6ee504294330c92"
Cache-Control: max-age=513153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791aa3207a65b515-OSL
images.squarespace-cdn.com/content/v1/55a57a20e4b081289a661f82/1445930500486-4R0NC3799ECBR1DOIVQP/financial-fitness-logo-v1.0.png?format=1500w
151.101.128.238200 OK 59 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/55a57a20e4b081289a661f82/1445930500486-4R0NC3799ECBR1DOIVQP/financial-fitness-logo-v1.0.png?format=1500w
IP 151.101.128.238:0
File type PNG image data, 1500 x 292, 8-bit/color RGBA, non-interlaced\012- data
Hash aba1bec06f34d9701e31f79ddb8c5fe9
c45b1ec551c15ee6a792d753bd84caf14524bcd0
c116379a77bec8020908dc6a18ed18c97787ba442a0802a6f3641bb058ba278f
GET /content/v1/55a57a20e4b081289a661f82/1445930500486-4R0NC3799ECBR1DOIVQP/financial-fitness-logo-v1.0.png?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/png
access-control-allow-origin: *
etag: COzonOTgxesCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 13:43:33 GMT
age: 63484
x-served-by: cache-iad-kjyo7100158-IAD, cache-bma1673-BMA
x-cache: HIT, MISS
x-cache-hits: 3, 0
x-timer: S1675086213.177670,VS0,VE296
vary: Accept-Encoding
tracepoint: Fastly
content-length: 58778
X-Firefox-Spdy: h2
app.birdseed.io/widget.js
3.218.243.195301 Moved Permanently 169 B URL HTTP/2 app.birdseed.io/widget.js
IP 3.218.243.195:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1d7e105f6929fa04f2ec0e8cc2bf18d3
9259ce376f72bf5861e0b455712baca565235602
9e5fe1fc9fb5e65dbb0af3bc4fcd3443a2dbf812bcd75f2bf7b17c3d7524b8fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /widget.js HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:33 GMT
content-type: text/html
content-length: 169
location: https://cdn.birdseed.io/widget.js
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?subset_id=2&fvd=n4&v=3
95.101.11.120200 OK 17 kB URL HTTP/2 use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?subset_id=2&fvd=n4&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16560, version 1.0\012- data
Hash 21776237ce9fa23dd98ad23252d6a3fa
bedf8f707c96c0cdb609c652828e797dcd214308
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
GET /af/efe4a5/00000000000000007735e609/30/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16560
etag: "e7ff55a2dbd9793a0025734c0419ed962aadab55"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:33 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?subset_id=2&fvd=n6&v=3
95.101.11.120200 OK 17 kB URL HTTP/2 use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?subset_id=2&fvd=n6&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16744, version 1.0\012- data
Hash c34e4b3d18f559ba9b9d10bac63b3557
8b218af2d391d3169b113deff9f8a9b2e59f4cef
5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d
GET /af/78aca8/00000000000000007735e60d/30/l?subset_id=2&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16744
etag: "f7ba7c34d63f92790ab459c7b134839b4c87ad09"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:33 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=2&fvd=n3&v=3
95.101.11.120200 OK 16 kB URL HTTP/2 use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=2&fvd=n3&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16488, version 1.0\012- data
Hash b857497e8429ca88e683c76a00e806ff
a4bcc09c57a07d30735011ccfaa02d0984da1654
f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab
GET /af/1be3c2/00000000000000007735e606/30/l?subset_id=2&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16488
etag: "a17c0961becf60ba50f5bf6f83483b71ca33505e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:33 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash a00f674facffebf251bb5e1529ab462e
5ff3e4b9b0cbb78e38386e27823108c73be444b0
645fed030d6b90eeb2ba7ec8a1499c8f3a1498a605777afd1b114daf757c4c1f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 13:43:33 GMT
Etag: "63d6b2e9-1d7"
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DyZzxnFdpczz_Zj25CrDmlbfQ1fslfKH5wp-RtDxGGW9ACgiBxaJrA==
assets.squarespace.com/universal/scripts-compressed/announcement-bar-3a4da96869484cea25005-min.en-US.js
104.88.26.232200 OK 46 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/announcement-bar-3a4da96869484cea25005-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (32878)
Hash 5f6af390ad75b1e669afba741af868ac
6d105669475430634d0b94726781f996ce5f50de
d45d23b7bf74ebc89954099bcc90f87fee3442a7c241018c7e89886a9194ab3f
GET /universal/scripts-compressed/announcement-bar-3a4da96869484cea25005-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
content-length: 45953
server: UploadServer
last-modified: Tue, 24 Jan 2023 17:18:43 GMT
etag: "5f6af390ad75b1e669afba741af868ac"
content-type: text/javascript
cache-control: public, max-age=3600
expires: Mon, 30 Jan 2023 14:43:34 GMT
date: Mon, 30 Jan 2023 13:43:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.squarespace.com/universal/styles-compressed/pinterest-3d55c64c25996c7633fc2-min.en-US.css
104.88.26.232200 OK 23 B URL HTTP/2 assets.squarespace.com/universal/styles-compressed/pinterest-3d55c64c25996c7633fc2-min.en-US.css
IP 104.88.26.232:0
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
GET /universal/styles-compressed/pinterest-3d55c64c25996c7633fc2-min.en-US.css HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 12 Mar 2021 21:49:06 GMT
etag: "f0d79988b7772c003d04a28bd7417a62"
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
content-length: 23
server: UploadServer
cache-control: public, max-age=3600
expires: Mon, 30 Jan 2023 14:43:34 GMT
date: Mon, 30 Jan 2023 13:43:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/pinterest-9cefbbe26f708563cfd58-min.en-US.js
104.88.26.232200 OK 30 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/pinterest-9cefbbe26f708563cfd58-min.en-US.js
IP 104.88.26.232:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a27013f7a4ceba4ece9991f64fd71667
a23e1833f384d4361caf6de17e743c618c3b08f1
143755137a8dc7aae279a9ab7565e91965825c518b7b063868228f3f6e833b67
GET /universal/scripts-compressed/pinterest-9cefbbe26f708563cfd58-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 Jan 2023 17:17:36 GMT
etag: "a27013f7a4ceba4ece9991f64fd71667"
content-type: text/javascript
content-encoding: gzip
accept-ranges: bytes
content-length: 29668
server: UploadServer
cache-control: public, max-age=3600
expires: Mon, 30 Jan 2023 14:43:34 GMT
date: Mon, 30 Jan 2023 13:43:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3
95.101.11.120200 OK 17 kB URL HTTP/2 use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16832, version 1.0\012- data
Hash 99cfcab4e91c1bc97731bcfe27ac5b29
740fcbaba11d23a5b9daa66fbd99ed8c4250fe6d
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
GET /af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16832
etag: "d6bfc4d27afeb61a1128d9c149ee5ed369aa27c3"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:34 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8738d8/00000000000000007735e611/30/l?subset_id=2&fvd=n8&v=3
95.101.11.120200 OK 17 kB URL HTTP/2 use.typekit.net/af/8738d8/00000000000000007735e611/30/l?subset_id=2&fvd=n8&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16880, version 1.0\012- data
Hash 6a1d05018e31f55e279ffe04ec9ea9c1
0c2fb9790414353667bf93757473893fbe404e2a
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
GET /af/8738d8/00000000000000007735e611/30/l?subset_id=2&fvd=n8&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16880
etag: "b104e817dea8b2a2bec04efdbe3f94cc937adda4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:34 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/40d372/00000000000000007735e607/30/l?subset_id=2&fvd=i3&v=3
95.101.11.120200 OK 17 kB URL HTTP/2 use.typekit.net/af/40d372/00000000000000007735e607/30/l?subset_id=2&fvd=i3&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16988, version 1.0\012- data
Hash ecf54e6f7907c8faf1382f1ce554c927
a3686c421ea7736a59fd9afdebd1b9c3888889a7
0ac75b515902d4a9c871724d8da779aaf77108660db9987a1fe1ab789ac95d4b
GET /af/40d372/00000000000000007735e607/30/l?subset_id=2&fvd=i3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16988
etag: "6ef0d08855713d86077ceb4099e5542a326ee5e8"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:34 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/3322cc/00000000000000007735e616/30/l?subset_id=2&fvd=i4&v=3
95.101.11.120200 OK 17 kB URL HTTP/2 use.typekit.net/af/3322cc/00000000000000007735e616/30/l?subset_id=2&fvd=i4&v=3
IP 95.101.11.120:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 17212, version 1.0\012- data
Hash 133a3f4bada71d50c6dba1e84cd2f86e
89387c1bedc41f76e4234e623eee894b3e06fc52
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
GET /af/3322cc/00000000000000007735e616/30/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 17212
etag: "31a7aafb713ac5501e62f6db8e298b8d73b421d2"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 13:43:34 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@700&family=PT+Serif:ital,wght@1,400
142.250.74.138200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@700&family=PT+Serif:ital,wght@1,400
IP 142.250.74.138:0
Hash 08393c4ec2039f895d5af881b69c4d06
722997c67087f10ef2a0772dac3ce8c8315974f7
a17512de8c76b43b9747afcf62ced130a6f788cf891504e4ffb3e5a9483dce20
GET /css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@700&family=PT+Serif:ital,wght@1,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 13:43:32 GMT
date: Mon, 30 Jan 2023 13:43:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.financialf.com/api/census/RecordHit
198.49.23.145200 OK 17 B URL HTTP/2 www.financialf.com/api/census/RecordHit
IP 198.49.23.145:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/RecordHit HTTP/1.1
Host: www.financialf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-CSRF-Token: BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj
Content-Length: 794
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/support
Cookie: crumb=BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj; _gcl_au=1.1.171011080.1675086226; ss_cvr=8efd08c1-abc3-40a5-af41-ef619c8a30f3|1675086226358|1675086226358|1675086226358|1; ss_cvt=1675086226358
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Mon, 30 Jan 2023 13:43:34 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: TM11ApY7/Y5DdfEuz
content-length: 17
X-Firefox-Spdy: h2
www.financialf.com/api/census/button-render
198.49.23.145200 OK 17 B URL HTTP/2 www.financialf.com/api/census/button-render
IP 198.49.23.145:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/button-render HTTP/1.1
Host: www.financialf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj
Content-Length: 416
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/support
Cookie: crumb=BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj; _gcl_au=1.1.171011080.1675086226; ss_cvr=8efd08c1-abc3-40a5-af41-ef619c8a30f3|1675086226358|1675086226358|1675086226358|1; ss_cvt=1675086226358
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Mon, 30 Jan 2023 13:43:34 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: TM11ApY7/xAjSlB5e
content-length: 17
X-Firefox-Spdy: h2
www.financialf.com/api/1/performance/settings
198.49.23.145200 OK 53 B URL HTTP/2 www.financialf.com/api/1/performance/settings
IP 198.49.23.145:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e2e1a51a7fc7d9bc62e062d7ead541c
c0d2f37baf97ac2004da781d1fe0a574c4faba66
053ec8863dd159c447b9e9eb9cf078de81d35f62d87d6fad54afd1bb5fbcf7d4
GET /api/1/performance/settings HTTP/1.1
Host: www.financialf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/support
Cookie: crumb=BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj; _gcl_au=1.1.171011080.1675086226; ss_cvr=8efd08c1-abc3-40a5-af41-ef619c8a30f3|1675086226358|1675086226358|1675086226358|1; ss_cvt=1675086226358
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 13:43:34 GMT
server: Squarespace
vary: Accept-Encoding, User-Agent
x-contextid: TM11ApY7/lLa0G6m1
content-length: 53
X-Firefox-Spdy: h2
www.financialf.com/api/census/form-render
198.49.23.145200 OK 17 B URL HTTP/2 www.financialf.com/api/census/form-render
IP 198.49.23.145:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/form-render HTTP/1.1
Host: www.financialf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj
Content-Length: 264
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/support
Cookie: crumb=BVCyyhA6b7zDMzQ2ZmM5NDhhY2M4YTMyMDQ3N2MwNDIyYTYzZTZj; _gcl_au=1.1.171011080.1675086226; ss_cvr=8efd08c1-abc3-40a5-af41-ef619c8a30f3|1675086226358|1675086226358|1675086226358|1; ss_cvt=1675086226358
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Mon, 30 Jan 2023 13:43:34 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: TM11ApY7/bGqVwWVw
content-length: 17
X-Firefox-Spdy: h2
cdn.birdseed.io/widget.js
54.230.111.72200 OK 205 kB URL HTTP/2 cdn.birdseed.io/widget.js
IP 54.230.111.72:0
Size 205 kB (205034 bytes)
Hash c58a7047ea1b55175bd205bef57c5c42
79477d58264d278298ad8763fb5a5e6167ae6668
b38deb5f1b8cd44da2b026c0d1a10b7f3a56896dc2e90d89dba1f409bea2aac4
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /widget.js HTTP/1.1
Host: cdn.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.financialf.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 17:39:26 GMT
x-amz-version-id: 2Q78UvWsk7iGJmdEsezf93FTFsre2X9t
server: AmazonS3
content-encoding: gzip
date: Sat, 28 Jan 2023 02:06:56 GMT
cache-control: max-age=1296000
etag: W/"c4c8237c382e5098bab5618b5a45d9b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e-R2pshkkiP3W0W2TcDUHnDijbmmcjxCbyb6pSjY928xwqCR-Uz4Fw==
age: 214598
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/chunks/webpack-5a7cdf110b2ec1f3.js
104.26.15.166200 OK 65 kB URL HTTP/2 www.transfernow.net/cdn/_next/static/chunks/webpack-5a7cdf110b2ec1f3.js
IP 104.26.15.166:0
File type ASCII text, with very long lines (20682), with no line terminators
Hash 40692bba5c89ebc4f002c075c4cdcc1b
3a68b42a53fa75893608e1512629f147ee170ef2
7991ef98fd1d41bc2b5b1a6369c3bd942ea83ad020a0d02cc763e25a1ae058e1
GET /cdn/_next/static/chunks/webpack-5a7cdf110b2ec1f3.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"18250770806f51e99981f11ebc62b4ea"
expires: Mon, 30 Jan 2023 13:50:29 GMT
last-modified: Thu, 26 Jan 2023 19:52:26 GMT
x-goog-generation: 1674762746476825
x-goog-hash: crc32c=qriL7w==, md5=GCUHcIBvUemZgfEevGK06g==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20682
x-guploader-uploadid: ADPycdtERBrTmq6qkr6mXn9E2QJ5NogQUSU3EsyX8BqEo5bidTTkbam5XCQ15gnxzq0lXxkL9FsUWBAtCAhE8m7_VUsX
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA8%2FXfdcbA23W4tM0HULJqtXF9MrOkuIY6ICOmhpSmCHgRyN4Hxqd8WKd2E6SYte3nIuKUnOkW2%2Fhpm3zNmeg%2Bu19Ops8O0ihKvyX1xnBHFEsvgSUR33QxcxXSzcR%2BWboW17vRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327eced0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/55a57a20e4b081289a661f82/8757e8d7-b81a-4b7f-9cae-0ffbe5d16583/ConnectWise+logo.png?format=500w
151.101.128.238200 OK 12 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/55a57a20e4b081289a661f82/8757e8d7-b81a-4b7f-9cae-0ffbe5d16583/ConnectWise+logo.png?format=500w
IP 151.101.128.238:0
File type PNG image data, 390 x 129, 8-bit/color RGB, non-interlaced\012- data
Hash 4be8daa9afdef94d88cc77e44756ce74
c2f674b9a02bc0a4cc1697778244319d5aabdbfb
c420d5d3d18f3767f097120816db38cd48d665105427132a174921e3bd106410
GET /content/v1/55a57a20e4b081289a661f82/8757e8d7-b81a-4b7f-9cae-0ffbe5d16583/ConnectWise+logo.png?format=500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/png
access-control-allow-origin: *
etag: CNjUsPSCqvwCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 13:43:34 GMT
age: 0
x-served-by: cache-iad-kjyo7100022-IAD, cache-bma1673-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675086214.150383,VS0,VE272
vary: Accept-Encoding
tracepoint: Fastly
content-length: 12277
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=2&k=646866_55a57a20e4b081289a661f82&ht=tk&h=www.financialf.com&f=5474.175.173.139.169.5475.176.140&a=646866&js=1.21.0&app=typekit&e=js&_=1675086226540
95.101.11.112200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=2&k=646866_55a57a20e4b081289a661f82&ht=tk&h=www.financialf.com&f=5474.175.173.139.169.5475.176.140&a=646866&js=1.21.0&app=typekit&e=js&_=1675086226540
IP 95.101.11.112:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=2&k=646866_55a57a20e4b081289a661f82&ht=tk&h=www.financialf.com&f=5474.175.173.139.169.5475.176.140&a=646866&js=1.21.0&app=typekit&e=js&_=1675086226540 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Mon, 30 Jan 2023 13:43:34 GMT
X-Firefox-Spdy: h2
www.transfernow.net/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
104.26.15.166307 Temporary Redirect 480 kB URL HTTP/2 www.transfernow.net/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
IP 104.26.15.166:0
Size 480 kB (480041 bytes)
Hash af2e665dd853110b3cd7716b75644399
d0efe247d7536012b51bb75609075f7681170f7b
215f8d199906b3c521659e9df8edca940ee31041ec76389a8f4a7bf7fd31f248
GET /widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785 HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: text/html
location: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-frame-options:
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
x-cloud-trace-context: c0b4d8d4978b8d2da06afdcd69cbb159
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdQKv96yDOO8kNe4Ei3K4RyBlm6Iz0HDzrgL17Q%2BKkZAcAg1vwzBqSR%2BmzKOEnhowfkHJ557PMd%2BSl2wY9MF0QGBJrsthp7B%2Bm1PeAUwNSfFDBEedRnjpvjmkWMQYn%2F4L%2Bzueoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791aa32479f60b69-OSL
X-Firefox-Spdy: h2
d31qbv1cthcecs.cloudfront.net/atrk.js
54.230.111.31200 OK 1.6 kB URL HTTP/1.1 d31qbv1cthcecs.cloudfront.net/atrk.js
IP 54.230.111.31:0
File type ASCII text, with very long lines (4255), with no line terminators
Hash d861bd1e6fc385523d9964b18cd6e726
3d176742cb672d8e12ec7e660ff27e26ea9157e8
9e9d714bf8bcf8564e062eb121f376bf0d0141b09941a420fb32ded933f5e316
GET /atrk.js HTTP/1.1
Host: d31qbv1cthcecs.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 08 Jan 2023 04:50:57 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZRmt0MleOD1TLWv1lf9mYPMSf3Taj5mDrO8-59bF6HkVEWBr51dslQ==
Age: 1932758
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4533
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 13:43:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4533
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 13:43:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 56077
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static1.squarespace.com/static/sitecss/55a57a20e4b081289a661f82/96/503ba86de4b04953d0f49846/55a57a20e4b081289a661f8b/1670/site.css
104.88.26.232200 OK 63 kB URL HTTP/2 static1.squarespace.com/static/sitecss/55a57a20e4b081289a661f82/96/503ba86de4b04953d0f49846/55a57a20e4b081289a661f8b/1670/site.css
IP 104.88.26.232:0
Hash b104384e032dd43bbb93880f0f636f5a
811c3a57c0c0aa444b1d553705467d745aff69bb
4e35337adac99062a33ba96d0fd80cec37ba6a778c0e6e6ea7aac4638bcbd8a7
GET /static/sitecss/55a57a20e4b081289a661f82/96/503ba86de4b04953d0f49846/55a57a20e4b081289a661f8b/1670/site.css HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=UTF-8
pragma: cache
server: Squarespace
strict-transport-security: max-age=0
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: zItz3Oz8/bcwq36Ph
cache-control: public, max-age=94607968
date: Mon, 30 Jan 2023 13:43:33 GMT
vary: Accept-Encoding, "Accept-Encoding"
tracepoint: "Akamai"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 56647
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 57132
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assets.calendly.com/assets/external/widget.js
172.66.40.230200 OK 24 kB URL HTTP/2 assets.calendly.com/assets/external/widget.js
IP 172.66.40.230:0
File type Unicode text, UTF-8 text, with very long lines (44677), with no line terminators
Hash 1b57f2e44363848f4923ea72755ac977
f8ef1afdc33d4b974f711eaf8b613d4c02a769a1
266d97cd25cff1536340cc0c204ffce2a1e0bc641276e06dea21318b9dd0ce85
GET /assets/external/widget.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:33 GMT
content-type: application/javascript
cf-ray: 791aa31ebe29b4f1-OSL
age: 205
cache-control: public, max-age=300
etag: W/"c30e8b97d12c7710012f00f92bcd9de5"
expires: Tue, 31 Jan 2023 13:43:33 GMT
last-modified: Fri, 20 Jan 2023 19:21:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
x-content-type-options: nosniff
set-cookie: __cf_bm=SG21M_FWwaz83ZEFOC.fq.or7H5At6XGJ_AZp7lvEek-1675086213-0-AfyOGTHCR8IFw0amJMYyhrwSE1gsEKYobuA1wA3cK+GsCnkzLA0cZfjE0iOBJ7xo6djWQm4X0y8b2b8tdsWsGWA=; path=/; expires=Mon, 30-Jan-23 14:13:33 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/chunks/pages/widgets/%5BwidgetId%5D-0fba5eff7abaa057.js
104.26.15.166200 OK 10 kB URL HTTP/2 www.transfernow.net/cdn/_next/static/chunks/pages/widgets/%5BwidgetId%5D-0fba5eff7abaa057.js
IP 104.26.15.166:0
File type ASCII text, with very long lines (845), with no line terminators
Hash 717a62a92afb139113ed1a38bb558be6
a4ce3a657e451cdf82482824e58428e2a6eff839
b25e57831473f37f21eeb453778e43f077783adc0877763cba33df97bf8c7182
GET /cdn/_next/static/chunks/pages/widgets/%5BwidgetId%5D-0fba5eff7abaa057.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"1829c0748fffba6003bc122f2cae4e19"
expires: Mon, 30 Jan 2023 14:40:31 GMT
last-modified: Thu, 26 Jan 2023 07:35:49 GMT
x-goog-generation: 1674718549679902
x-goog-hash: crc32c=MUKJGw==, md5=GCnAdI//umADvBIvLK5OGQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 845
x-guploader-uploadid: ADPycdtvnxKEIROFTdT7BPiH3e6x4auTfBozGWeGgEI00KI0URiyfhFbTnDTqSoeAspCLIp5-278K_zkS6U1_U54cMSRjw
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5zHbLRYUmATT4U%2BbIhjxEggt3geU2ZMwnltIWDkj77jf0JnBF9%2Fna76wuEVyxxDvr%2FO66XSNstwI7LFAQEBrMB4UyHgPNN9y1Mq7lPwN5ZTqn4N9w3Uq9sSn%2FsHC0ErHsqMHLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327dce10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
assets.squarespace.com/universal/scripts-compressed/commerce-14eea42e89cc9799588b3-min.en-US.js
104.88.26.232200 OK 12 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/commerce-14eea42e89cc9799588b3-min.en-US.js
IP 104.88.26.232:0
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /universal/scripts-compressed/commerce-14eea42e89cc9799588b3-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 27 Jan 2023 18:44:24 GMT
ETag: "32d996f0d996969e26167539c8ac78dc"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 255804
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
IP 142.250.74.131:0
Hash 3effc1b83b158511cbb6916fa2594fd8
873444b47b4da25d5ad8d373cfe10cdb2967b4a7
c4536aa6801daf7e2b27d1a50bea8558d17d62071930bca805bb694effa96618
POST /s/gts1d4/raRVPOI4L3s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/wcm/loader.js
142.250.74.35200 OK 1.3 kB URL HTTP/2 www.gstatic.com/wcm/loader.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (1123)
Hash 22300d54ba7faf32360c95915053014c
ea83f097bd99413f9d8fcb08d0312ba7ba1be99f
2c4c9c9d6af1ad12556ab11c8021eb5c254025ce04500bc885b69984dd562ce5
GET /wcm/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 13:20:58 GMT
expires: Mon, 30 Jan 2023 14:20:58 GMT
cache-control: public, max-age=3600
age: 1356
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b9943d0ede56f4621a69e0c208f0f00
0aab9fec24b3b22055cb7e2be40712c2cb885927
b2c45fa40739c489125fb9150a94900f1ab59b8e2bf646e69c77ef3ee17ba9f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2C45FA40739C489125FB9150A94900F1AB59B8E2BF646E69C77EF3EE17BA9F0"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16474
Expires: Mon, 30 Jan 2023 18:18:08 GMT
Date: Mon, 30 Jan 2023 13:43:34 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/962116671/?random=1675086226220&cv=11&fst=1675086226220&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&auid=171011080.1675086226&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 896 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/962116671/?random=1675086226220&cv=11&fst=1675086226220&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&auid=171011080.1675086226&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1927), with no line terminators
Hash 23b996857092e8c3e08858c65657575e
46cd605b7b9bcf4bcebc2dcdeafb3a0b529c12bf
ce55a8e1e3c4f133098529d004e1a90bdd18a30554dd503ec99eef11a76e6b45
GET /pagead/viewthroughconversion/962116671/?random=1675086226220&cv=11&fst=1675086226220&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&auid=171011080.1675086226&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 13:43:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 896
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 13:58:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/chunks/main-1cf3ea48a05a343c.js
104.26.15.166200 OK 96 kB URL HTTP/2 www.transfernow.net/cdn/_next/static/chunks/main-1cf3ea48a05a343c.js
IP 104.26.15.166:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c194ce35ad2f8a196c9c0277b192638e
d6470f9f7686f2a2525c9d0cefdeef826b1aa967
b9749df8ea9ac188d8f7abee6c85f0fa3a72e726f245e20091830d134430f09d
GET /cdn/_next/static/chunks/main-1cf3ea48a05a343c.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"30a47184e6824fd1b33f8fbacdaf82c6"
expires: Mon, 30 Jan 2023 13:51:32 GMT
last-modified: Tue, 24 Jan 2023 15:12:29 GMT
x-goog-generation: 1673437204246278
x-goog-hash: crc32c=2Um6jQ==, md5=MKRxhOaCT9GzP4+6za+Cxg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 92215
x-guploader-uploadid: ADPycdtvpfeFFbx4dTePCVbBomEpai44zfxLKU9WxCOGcChQkGavotXgu1lql175AzF5k0u1-JJ87wH4AvzX1yUsMkmjyg
cf-cache-status: HIT
age: 866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAnfrtT43GnSkKGTmJ9AHoXprL4QWPS1Zindu3LWNvj6JwU6AMq%2Ffu3rvPoMmG23YHRig4UXxxSysnZetDFD9szSmFt7vj7uqigVyoFscq1gzKRQzNDI64glanvirUjzJsacGCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327dce90b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
o914678.ingest.sentry.io/api/5874099/envelope/?sentry_key=70970c0b707144faae3c08ebadbc3af5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.29.0
34.120.195.249200 OK 2 B URL HTTP/2 o914678.ingest.sentry.io/api/5874099/envelope/?sentry_key=70970c0b707144faae3c08ebadbc3af5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.29.0
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5874099/envelope/?sentry_key=70970c0b707144faae3c08ebadbc3af5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.29.0 HTTP/1.1
Host: o914678.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.transfernow.net
Content-Length: 441
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.transfernow.net
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/raRVPOI4L3s
IP 142.250.74.131:0
Hash 3effc1b83b158511cbb6916fa2594fd8
873444b47b4da25d5ad8d373cfe10cdb2967b4a7
c4536aa6801daf7e2b27d1a50bea8558d17d62071930bca805bb694effa96618
POST /s/gts1d4/raRVPOI4L3s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b9943d0ede56f4621a69e0c208f0f00
0aab9fec24b3b22055cb7e2be40712c2cb885927
b2c45fa40739c489125fb9150a94900f1ab59b8e2bf646e69c77ef3ee17ba9f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2C45FA40739C489125FB9150A94900F1AB59B8E2BF646E69C77EF3EE17BA9F0"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16474
Expires: Mon, 30 Jan 2023 18:18:08 GMT
Date: Mon, 30 Jan 2023 13:43:34 GMT
Connection: keep-alive
assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
104.88.26.232200 OK 6.3 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
IP 104.88.26.232:0
Hash ac5ff1e5b28ad20417b8904f35b680f7
f3f468ff7fb4d6db11f5fb2037791093755b84c9
aec197bb9d182fdf064a5f168db57b0d3342d09470c4e1d94e9ac923c0351b2c
GET /universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 21 Nov 2022 16:43:30 GMT
ETag: "77a546c78e5335ac223ce347591cf662"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 113227
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 14:43:32 GMT
Date: Mon, 30 Jan 2023 13:43:32 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61f0191a24989967cf0eb7b7a0e00052
830955d96a2170b469ac4fd9fff99309a9f7737a
0d3d753518611ef9587765c4a5f8bbfd61ab826e7ce833b5db4da2738abf0a29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D3D753518611EF9587765C4A5F8BBFD61AB826E7CE833B5DB4DA2738ABF0A29"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16620
Expires: Mon, 30 Jan 2023 18:20:34 GMT
Date: Mon, 30 Jan 2023 13:43:34 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/962116671/?random=1675086226220&cv=11&fst=1675083600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3145761221&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/962116671/?random=1675086226220&cv=11&fst=1675083600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3145761221&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/962116671/?random=1675086226220&cv=11&fst=1675083600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3145761221&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 13:43:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/962116671/?random=1675086226220&cv=11&fst=1675083600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3145761221&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/962116671/?random=1675086226220&cv=11&fst=1675083600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3145761221&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/962116671/?random=1675086226220&cv=11&fst=1675083600000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.financialf.com%2Fsupport&tiba=Support%20%E2%80%94%20Financial%20Fitness%20Consulting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3145761221&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 13:43:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 182a042b540b8842b8cd01a62dc6f49b
c2487eb2021dadb35e6f20669d89d7a4f1222da7
fd0262f1d23070a5e44cea3e6f5ca1e7cfe5b1e7efe89660d912776ad7e1384f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120840
Date: Mon, 30 Jan 2023 13:43:35 GMT
Etag: "63d6f957-1d7"
Expires: Tue, 31 Jan 2023 23:17:35 GMT
Last-Modified: Sun, 29 Jan 2023 22:55:19 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yDrkg59hnI7XPGaaYsUibFZOdigG41kbLiT01_TIEjWXAbWMbqUimg==
Age: 1336
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
3.23.57.200204 No Content 0 B URL HTTP/2 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 3.23.57.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 13:43:35 GMT
server: Server
X-Firefox-Spdy: h2
calendly.com/financialfitness?embed_domain=www.financialf.com&embed_type=Inline
172.66.40.230200 OK 22 kB URL HTTP/2 calendly.com/financialfitness?embed_domain=www.financialf.com&embed_type=Inline
IP 172.66.40.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (64235)
Hash 7cd4e561312268aa7a3cf868ff7d9e0c
395793048e3cd24a40507ca5d758ea85f9efb1b9
5fd9dc81bdb8d6e3c5332b3bbe5b8e7ffe2090eb7339e06101a3df6079e6c8e9
GET /financialfitness?embed_domain=www.financialf.com&embed_type=Inline HTTP/1.1
Host: calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Cookie: __cf_bm=SG21M_FWwaz83ZEFOC.fq.or7H5At6XGJ_AZp7lvEek-1675086213-0-AfyOGTHCR8IFw0amJMYyhrwSE1gsEKYobuA1wA3cK+GsCnkzLA0cZfjE0iOBJ7xo6djWQm4X0y8b2b8tdsWsGWA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: text/html; charset=utf-8
cf-ray: 791aa3275bf1b4f1-OSL
cache-control: max-age=0, private, must-revalidate
link: <https://assets.calendly.com/assets/booking/css/booking-537a6a72.css>; rel=preload; as=style; nopush
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-request-id: 653484c25e14d862fca86b558a38856c
x-runtime: 0.085597
vary: Accept-Encoding
set-cookie: _calendly_session=DqNK1gfx00o0H1eiznmsbk1fQOmADZZozjEUW7VCX5NCjkXb9igva0WgUPekGhiaK24iyKp0e5LS7JuOFsyh8L7xf7E8boBQ%2Fdgcwss2jmN1zMUa3V7%2FgU4XiH%2B4KQUyxThKw23tbIWuN1XQMBN2oAWc55drMKbG5%2Fg4tmRKi8lTp7GSqGd3fsmeFdF%2Bf6tdIdbV0Xc327PHE2JStKiUazJ4zve%2Fg2P%2BA7uJiONkdXwTg534Et3bxbVKE5ukji4j%2BFDf2ojaPqm22644BgQX4i720XvjsICzaJSWpaAosCTINSe8tIpkp0iULooAoOzS4gENVi4viqPykj2y%2FtxCkMcBPw7C6gUWwsUzZuCkFWIh10XxEeC10%2BY%2FR%2BK%2BQv%2FeweRLftbsIVWS8dVuIxKclK9po6oXY%2FxlNsyMwalcP4loKnWoRS9IRrSSuK6gB3XlcljC%2B9eH9yhMJc3gl%2Boc45QjPvN8f057AN6TMVZNz01jYknxeWPHo0kx7XOBeuqf0WR5QiOOxUG1ip5Ycts0W4KEgZATcy52JSGIEYuU%2BVHqGUpFh9PbGyVpapk6jVnOjQ4INgSnvoi4ue9t%2FmQWll0yAWN29P6J3duGOa5Bustp1QGn2fgUYWOcprOCkd3fEIsWHYqD%2FocHuPTp6TrYcoKdyDtoyKGS0NjlogeW6x9a3Qaqbor%2Fj%2FDUYNxWj0SpIumecKihvA%3D%3D--3eJgIM%2BjGflhqHP0--SgsCv1p1thxFoD%2BClpY%2Fhw%3D%3D; path=/; expires=Mon, 20 Feb 2023 13:43:34 GMT; secure; HttpOnly; SameSite=Lax
__cfruid=dd9e2d91898e363af1b8936847a5ca316eea2976-1675086214; path=/; domain=.calendly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61f0191a24989967cf0eb7b7a0e00052
830955d96a2170b469ac4fd9fff99309a9f7737a
0d3d753518611ef9587765c4a5f8bbfd61ab826e7ce833b5db4da2738abf0a29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D3D753518611EF9587765C4A5F8BBFD61AB826E7CE833B5DB4DA2738ABF0A29"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16619
Expires: Mon, 30 Jan 2023 18:20:34 GMT
Date: Mon, 30 Jan 2023 13:43:35 GMT
Connection: keep-alive
o914678.ingest.sentry.io/api/5874099/envelope/?sentry_key=70970c0b707144faae3c08ebadbc3af5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.29.0
34.120.195.249200 OK 41 B URL HTTP/2 o914678.ingest.sentry.io/api/5874099/envelope/?sentry_key=70970c0b707144faae3c08ebadbc3af5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.29.0
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6a09be5caebe7ada7c08d8f6eeb8d9f6
9c89b3f90f8b6e48a50c0f3126413f03f404f576
a6b2529334d4ff0e81158a5b4553fa09b9648d512084a07dfa65928cb8e5ee59
POST /api/5874099/envelope/?sentry_key=70970c0b707144faae3c08ebadbc3af5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.29.0 HTTP/1.1
Host: o914678.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.transfernow.net
Content-Length: 7903
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://www.transfernow.net
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2aeb375d07c6797557862a1e95e25902
8d9a4232f162756acee686c8bc130f96b9800889
80b36ee610a970ba64d36a42cfb9ee93f44c1eea03b7da2257f5a85e68055bf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.transfernow.net/cdn-cgi/challenge-platform/h/g/cv/result/791aa325db0e0b69
104.26.15.166200 OK 6 B URL HTTP/2 www.transfernow.net/cdn-cgi/challenge-platform/h/g/cv/result/791aa325db0e0b69
IP 104.26.15.166:0
File type ASCII text, with no line terminators
Hash 7d14c6d06a6075d413d43d381c992eba
49bdfc1145f7c7a7bf870f069b9d23a97966cb30
f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385
POST /cdn-cgi/challenge-platform/h/g/cv/result/791aa325db0e0b69 HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12472
Origin: https://www.transfernow.net
Connection: keep-alive
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=qKvNExwhRfxdgxH3BMURYULINSDB_dvkg81b9r8xWS4-1675086215-0-AZKOrDTaqBj0hkv7Tcr3/lBi8Sy4FLFFLcpB93GCbAu+bWLkjY7eFszDsQb21BOAIJIz1L7bhTNUpwtzBSNLj8aKNe0JKWkq7mgxz3FAjcqoF5Z5K3RT2KQ5PPiDiNN0Rn0/M45Dct+N/w6EKfs4eSY=; path=/; expires=Mon, 30-Jan-23 14:13:35 GMT; domain=.transfernow.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cUm3H9nRAQvPoVOxG5nipU8sW%2FhB2F3k0xav0paiEiqEl4XTw%2BKVf2sKBI4uB%2Bio6EOy4ixNnYkBC%2FkSK5KRog2%2FYg0EkoS0LK4eo5JxMBrYR8CclmuC9rW0FU3%2FL84QM%2BvN0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791aa32f5d010b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3cdf7a37df5fd660125c11f6c7f44064
929c5ec370ad00ff0508f86174d450407ac680bd
22ffbbc922da324c956478cfd8cb5bcc269831ac5c85e22ef6ecdd69e3512a7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
log.pinterest.com/?guid=93NhE7FPgaXo&type=pidget&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&via=https%3A%2F%2Fwww.financialf.com%2Fsupport&callback=PIN_1675086226488.f.callback[0]
151.101.192.84200 OK 0 B URL HTTP/2 log.pinterest.com/?guid=93NhE7FPgaXo&type=pidget&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&via=https%3A%2F%2Fwww.financialf.com%2Fsupport&callback=PIN_1675086226488.f.callback[0]
IP 151.101.192.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?guid=93NhE7FPgaXo&type=pidget&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&via=https%3A%2F%2Fwww.financialf.com%2Fsupport&callback=PIN_1675086226488.f.callback[0] HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 0
server: envoy
x-pinterest-rid: 1609917520925730
accept-ranges: bytes
date: Mon, 30 Jan 2023 13:43:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675086216.715519,VS0,VE40
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f00a5e099baa6fb6de03dd876b13a8cd
f504f7260f35dd528cf26a83aa18f343561382e9
1126ad2cd65349b69fee3d133a5438e66e6bc466e10d346237076544baebc1fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144348
Date: Mon, 30 Jan 2023 13:43:35 GMT
Etag: "63d74d85-1d7"
Expires: Wed, 01 Feb 2023 05:49:23 GMT
Last-Modified: Mon, 30 Jan 2023 04:54:29 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: abjDwsiC_NJy7-hk59Ih4l3F8rbY267Cg4OyJpIY6eRBuT4FAxdBxw==
Age: 3294
w.usabilla.com/dc9688c7588b.js?lv=1
52.213.193.212200 OK 13 kB URL HTTP/2 w.usabilla.com/dc9688c7588b.js?lv=1
IP 52.213.193.212:0
File type ASCII text, with very long lines (12232)
Hash 22b79f9617c33311ee925b4c464f1931
f800582b462c216abbefdbbd83140dda247fdaa8
307f86068894f624bc37848542e5a8090669c60806133c50deb529f5c7a48161
GET /dc9688c7588b.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://calendly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: text/javascript
content-length: 13286
cache-control: public,max-age=0
content-encoding: gzip
etag: "9c459bab06a8a1de0a5012393562f395"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8d206904c0a2237b487d447f8d2efe52
d6c26108f8ba0e93f643e07abdd7f1fa914fbec9
d1118ba9f0f1751fe564559d8a1fd775524e78a848003c5d3cc8e48f332f7f14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2502
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:36 GMT
Last-Modified: Mon, 30 Jan 2023 13:01:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8d206904c0a2237b487d447f8d2efe52
d6c26108f8ba0e93f643e07abdd7f1fa914fbec9
d1118ba9f0f1751fe564559d8a1fd775524e78a848003c5d3cc8e48f332f7f14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2502
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:36 GMT
Last-Modified: Mon, 30 Jan 2023 13:01:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c5bc701375ee726e789d906137c3327
82ae36f943c89e5b60c12f2b09ab2e6b866b3c75
6efceb2ae05906e09732571d3e9a00ede94c80404ca0c99a51cc498497c9012b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6389
Cache-Control: max-age=134536
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:36 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 03:05:52 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
app.birdseed.io/assets/loading_50px.gif
3.218.243.195200 OK 39 kB URL HTTP/2 app.birdseed.io/assets/loading_50px.gif
IP 3.218.243.195:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash e946a556fab6505ae9716109496d0178
8ac7647807bd278229a3d9f8023c266a01814f7b
0544442e4842a08a9af344eccd39f0456f4f95b5aa81cbd02c35d07b8c36848e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/loading_50px.gif HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/gif
content-length: 38708
last-modified: Mon, 23 Jan 2023 21:13:54 GMT
etag: "63cef892-9734"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
assets.calendly.com/assets/booking/js/booking-runtime-409dce49.js
172.66.40.230200 OK 4.5 kB URL HTTP/2 assets.calendly.com/assets/booking/js/booking-runtime-409dce49.js
IP 172.66.40.230:0
File type ASCII text, with very long lines (2620)
Hash 65c555b53ae87d8af83d4553bab6b526
4d6b238e7eb12620994600533417ecc384b76637
b52e97fb7e50a4e628d6693f0f077045c076fc1ab8469c754c17f44e366063fa
GET /assets/booking/js/booking-runtime-409dce49.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=SG21M_FWwaz83ZEFOC.fq.or7H5At6XGJ_AZp7lvEek-1675086213-0-AfyOGTHCR8IFw0amJMYyhrwSE1gsEKYobuA1wA3cK+GsCnkzLA0cZfjE0iOBJ7xo6djWQm4X0y8b2b8tdsWsGWA=; __cfruid=dd9e2d91898e363af1b8936847a5ca316eea2976-1675086214
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: application/javascript
cf-ray: 791aa32f5f65b4f1-OSL
age: 843312
cache-control: public, max-age=31536000
etag: W/"8de687b3243040bdd91866aecc8bc180"
expires: Tue, 31 Jan 2023 13:43:35 GMT
last-modified: Fri, 20 Jan 2023 19:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=19551
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.birdseed.io/assets/footer-logo-62d2c97c63579fe6d03650da87872527c5fa86c8d4941084a69513e84a28f5ef.svg
3.218.243.195200 OK 15 kB URL HTTP/2 app.birdseed.io/assets/footer-logo-62d2c97c63579fe6d03650da87872527c5fa86c8d4941084a69513e84a28f5ef.svg
IP 3.218.243.195:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (21753)
Hash 9b4ff462aa302aabc4216b58ca524469
c09a76844f3f5a7ff50a408842be4fdfc0896b16
835015d046d47e416813f40b1268d296edf6112f4418d74f361eecd8af9f9aea
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/footer-logo-62d2c97c63579fe6d03650da87872527c5fa86c8d4941084a69513e84a28f5ef.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-50d6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 291eb343f680f52674b4a3eb6dba6b56
ed4182b7e4c11cc523ed7de0d6b35e90df69f2dd
67887356a99866517f404e5b5d8385dd24568e1dcb34b41c6ec3d09917354eff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n
142.250.74.131200 OK 619 B URL HTTP/2 www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n
IP 142.250.74.131:0
File type ASCII text, with very long lines (977), with no line terminators
Hash 8518eb088a5aa16bd158dcf8055c4eab
dfba5e35feb12c6c3e1ef0dd42ed0b91e76538c9
6c0916ced2b1f982d70f2e84d6ed09bf7c21b755018431d8730d579350afa6a6
GET /recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 30 Jan 2023 13:43:36 GMT
date: Mon, 30 Jan 2023 13:43:36 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 619
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 291eb343f680f52674b4a3eb6dba6b56
ed4182b7e4c11cc523ed7de0d6b35e90df69f2dd
67887356a99866517f404e5b5d8385dd24568e1dcb34b41c6ec3d09917354eff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:43:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.birdseed.io/assets/baseline-phone.svg
3.218.243.195200 OK 288 B URL HTTP/2 app.birdseed.io/assets/baseline-phone.svg
IP 3.218.243.195:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash 4f459fd8fc92db25e1825336ac78f637
ead6e5c1e8c4677206b0a0297509edda5f13eb30
8ea51b7769f289aaca1eb577588bf70f1c3a435337a867434f79061fda39cccf
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/baseline-phone.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:54 GMT
vary: Accept-Encoding
etag: W/"63cef892-1a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json
104.16.149.64200 OK 1.8 kB URL HTTP/2 cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (4860), with no line terminators
Hash ab808bb2591aabfecd0ecf1d6e1fa47c
e171ff9edfea2e76039c53d3bb07b871a5221a5a
5cb9457e8018bb8e388037fc094869f74a39c6fe2b6189ee322f545eac1e9574
GET /consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: application/x-javascript
content-length: 1767
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: q4CLslkaq/7NDs8dbh+kfA==
last-modified: Fri, 23 Sep 2022 14:23:04 GMT
etag: 0x8DA9D6F20AE7912
x-ms-request-id: 9cf98986-a01e-015f-0e77-cf6c4d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 51715
expires: Tue, 31 Jan 2023 13:43:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa3362aaf1c12-OSL
X-Firefox-Spdy: h2
app.birdseed.io/widget-styles.css?token=3a5b0292b4f39e186dfdec9ea9190881
3.218.243.195200 OK 24 kB URL HTTP/2 app.birdseed.io/widget-styles.css?token=3a5b0292b4f39e186dfdec9ea9190881
IP 3.218.243.195:0
Hash 40688a3126d920d6dd68696845aee36f
df8e9f4f65a4ded239773ce2ec8abc013da92dd0
968b544e9cb4db7978ae888fccc74f9e8c2caeac51b695a7ebe901a02da760a7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /widget-styles.css?token=3a5b0292b4f39e186dfdec9ea9190881 HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-request-method: GET,POST,OPTIONS
etag: W/"b17abfa286f4a26de17c24fec1f5109d"
cache-control: max-age=0, private, must-revalidate
set-cookie: birdseed_id=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0--; path=/; expires=Tue, 30 Jan 2024 13:43:36 GMT; SameSite=Lax; secure
x-request-id: e770bac2-dc6d-4e00-b026-8853490ae221
x-runtime: 0.009061
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/jquery/jquery.min.js
3.218.243.195200 OK 116 kB URL HTTP/2 app.birdseed.io/assets/jquery/jquery.min.js
IP 3.218.243.195:0
File type ASCII text, with very long lines (32023), with CRLF line terminators
Size 116 kB (116490 bytes)
Hash f4de3e1e3f5500d86f0f8270926c61ae
93867c34f0badf0192616a08590364b9c205cfce
4a2e06c9490eca10afde37ea4a19d0b4a9fb62ff705bc3a28f848c3cfa0a25a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/jquery/jquery.min.js HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 21:13:54 GMT
vary: Accept-Encoding
etag: W/"63cef892-1469c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/75472/f47caf91.png
54.230.245.86200 OK 7.2 kB URL HTTP/1.1 d3v0px0pttie1i.cloudfront.net/uploads/user/avatar/75472/f47caf91.png
IP 54.230.245.86:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash ff793a3c7589131dcf1b12105b9d51aa
d21c9c5e650a0eb7d2df3ddabf22891e45356dc6
e2e424692812ad16bf038cc0c38e7d5e877cc39e832d75da692790721502d929
GET /uploads/user/avatar/75472/f47caf91.png HTTP/1.1
Host: d3v0px0pttie1i.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7156
Connection: keep-alive
Date: Mon, 30 Jan 2023 13:43:37 GMT
Last-Modified: Thu, 10 Dec 2015 03:53:50 GMT
ETag: "ff793a3c7589131dcf1b12105b9d51aa"
Cache-Control: max-age=315576000
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HAGl-nFfhb0aEdwFW0SylIsV0aTKRn4lBsFCjM6YvOc8k-DlQDTMKA==
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.26.85200 OK 25 kB URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.26.85:0
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791aa337ba8fb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json
104.16.149.64200 OK 21 kB URL HTTP/2 cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json
IP 104.16.149.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 53c569621461f0386d693c493281e2a1
5c689aca672259108d4e6d3346973f229f308f38
99e7bf0855166fa1881fee477c05906fe832677584a62507e57d7a774f76fe4b
GET /consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/x-javascript
content-length: 20906
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: U8VpYhRh8DhtaTxJMoHioQ==
last-modified: Fri, 23 Sep 2022 14:23:26 GMT
etag: 0x8DA9D6F2E2A99CC
x-ms-request-id: 1008f8a9-201e-0128-685f-cfe90c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 51715
expires: Tue, 31 Jan 2023 13:43:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa338ad551c12-OSL
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
54.230.111.108200 OK 200 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 54.230.111.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Thu, 26 Jan 2023 15:39:05 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Mon, 30 Jan 2023 12:44:31 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0b7IjRNfFFceYIpWoQwjUfkITl09KZrYZAcy1HvCAlD0DSVufKbRMg==
age: 3552
X-Firefox-Spdy: h2
notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?¬ifier_name=airbrake-js%2Fbrowser¬ifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript
54.230.111.92200 OK 0 B URL HTTP/2 notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?¬ifier_name=airbrake-js%2Fbrowser¬ifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript
IP 54.230.111.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /2020-06-18/config/90109/config.json?¬ifier_name=airbrake-js%2Fbrowser¬ifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript HTTP/1.1
Host: notifier-configs.airbrake.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Mon, 30 Jan 2023 13:43:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: cache-control
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TdaMsDFMlyHDI4K0Pdx7ce65NBCoIBQXUprGt7J78bVPZPMPSBIUwQ==
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/chunks/pages/_app-424f4fbafb2246f6.js
104.26.15.166200 OK 316 kB URL HTTP/2 www.transfernow.net/cdn/_next/static/chunks/pages/_app-424f4fbafb2246f6.js
IP 104.26.15.166:0
File type ASCII text, with very long lines (39132)
Size 316 kB (316315 bytes)
Hash 87099ac21d3faa14ceddd8551cfcf621
cd8ee85562cceec3822532004595a5a907531e16
9b23acaa78cc328c55d8fb900b9141ae68552712fb24a9871b89336eb11254ff
GET /cdn/_next/static/chunks/pages/_app-424f4fbafb2246f6.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=1057179
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"378631e68bae670748e7238e3bb10f32"
expires: Mon, 30 Jan 2023 13:53:41 GMT
last-modified: Fri, 27 Jan 2023 16:26:47 GMT
x-goog-generation: 1674836807609007
x-goog-hash: crc32c=Ic8Zew==, md5=N4Yx5ouuZwdI5yOOO7EPMg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1057179
x-guploader-uploadid: ADPycdtkTOctoh_kHvMmtmh3Gckxnqz6TZLJf9sPC1-ZON9SpIYov8-ncegBKzn_XRTDp0pe_fpZLrSjOOx3zARIcIPq
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwuQkeZLZH3y0VCll4yDriVC%2Bo9E2RVe3D4TuPZWgac49BdM4eGiOZ%2B6Lgo4D6PSTtIsmMzCwNWse%2F9YNEiuDeWJKClD1mBVTyQRcQKXXlpch73pRN0ybf6oGZrguyizx144UPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327dce80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?¬ifier_name=airbrake-js%2Fbrowser¬ifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript
54.230.111.92200 OK 218 B URL HTTP/2 notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?¬ifier_name=airbrake-js%2Fbrowser¬ifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript
IP 54.230.111.92:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 539c4cea4ea951c45968ba49186e20a9
d8baf2ba9eb73882d56d77d4b776d144d789958f
8acee54f6a0177511da9094fe528e7a359d5acc11e062cd7d370be3051ecd961
GET /2020-06-18/config/90109/config.json?¬ifier_name=airbrake-js%2Fbrowser¬ifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript HTTP/1.1
Host: notifier-configs.airbrake.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Cache-Control: no-cache,no-store
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 218
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 02 Jan 2023 22:00:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 03:38:02 GMT
etag: "539c4cea4ea951c45968ba49186e20a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U7C-LjD9jUhg7b_7BC-3SvJyJF8v4p9_HnVtcOp_Zd4HXiGrOGW5MQ==
age: 36338
X-Firefox-Spdy: h2
d6tizftlrpuof.cloudfront.net/themes/production/calendly-button-9e30fd77312fabb2823bda5a1bb5dd0a.png
54.230.245.32200 OK 18 kB URL HTTP/1.1 d6tizftlrpuof.cloudfront.net/themes/production/calendly-button-9e30fd77312fabb2823bda5a1bb5dd0a.png
IP 54.230.245.32:0
File type PNG image data, 124 x 346, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e30fd77312fabb2823bda5a1bb5dd0a
d73fe248de520eb1feb1f59b5d0b81d0d08b1373
cb9e8d97338c770b63b0dd38c1db7545366cfda8771250766cb7f495e8e7917e
GET /themes/production/calendly-button-9e30fd77312fabb2823bda5a1bb5dd0a.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://calendly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 17809
Connection: keep-alive
Date: Tue, 03 May 2022 04:17:22 GMT
Last-Modified: Wed, 02 Dec 2020 14:10:43 GMT
ETag: "9e30fd77312fabb2823bda5a1bb5dd0a"
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: cz0L5pUEg4OXaPVwxdi7ClxwVHgB4x1_
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D4drc_ki2IKgPGpCsOLP6O7npD057eAlXlhV_h9XBiJIGy4QC9Ds3w==
Age: 23534775
cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json
104.16.149.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (10856)
Hash cc948eb637569cf77ed166fd88c3725f
1f4a0b0572bec956b6cf690649a2d02b84bb57e2
33dfefa3180070c5a5006930180d07fd4248aa69b6b82d81e246db42ce82bb26
GET /scripttemplates/6.35.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/json
content-length: 2959
content-encoding: gzip
content-md5: zJSOtjdWnPd+0Wb9iMNyXw==
last-modified: Mon, 06 Jun 2022 06:20:56 GMT
etag: 0x8DA4784B7908BBB
x-ms-request-id: 76124876-a01e-0176-5b81-791a0f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 51715
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa33a6ee01c12-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcPanel.json
104.16.149.64200 OK 13 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcPanel.json
IP 104.16.149.64:0
File type JSON data\012- , ASCII text, with very long lines (51572)
Hash 9246cb73c01d3b10b1067a8b4e7010a6
5565240d8384405f853a078aa9c436d33748caa0
5aca462cb4e9f0fd04a42f030a23531e9a8f937d0aaa697b25af883e92a94841
GET /scripttemplates/6.35.0/assets/v2/otPcPanel.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/json
content-length: 13040
content-encoding: gzip
content-md5: kkbLc8AdOxCxBnqLTnAQpg==
last-modified: Mon, 06 Jun 2022 06:20:59 GMT
etag: 0x8DA4784B91103B6
x-ms-request-id: e6607447-f01e-016e-6a82-79379a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 51715
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa33a6ee41c12-OSL
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
54.230.111.108200 OK 631 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 54.230.111.108:0
File type ASCII text, with very long lines (526)
Hash f8f6a4584135f737b26927596ce6e0a7
609ea9e9c46563fb1dc78a7967c926394e73ffab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 631
last-modified: Thu, 26 Jan 2023 15:39:05 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Mon, 30 Jan 2023 12:44:21 GMT
cache-control: max-age=31536000
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nJAiB8jLXf4iAcWMlI-Bq4HOW3j3K_xc8qqQnDOoZBNezkIDfYT96A==
age: 3556
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ramda/0.25.0/ramda.min.js
104.17.25.14200 OK 11 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ramda/0.25.0/ramda.min.js
IP 104.17.25.14:0
File type Unicode text, UTF-8 text, with very long lines (44705)
Hash be8b1a250fee69e4af50fc3699a4d2e0
a50ff4ee1b5dff6328737c1ca8d7fe47ab81277c
c19e70df8dc29d7dd1553a6e24665ffc2da2f9f3ab3e386d2b521cc55c466868
GET /ajax/libs/ramda/0.25.0/ramda.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 10820
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fb4-aec7"
last-modified: Mon, 04 May 2020 16:15:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20526636
expires: Sat, 20 Jan 2024 13:43:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdmoGUMRSCQ1GEFF%2FHKHzKwbLMEaZQR4VWPDPTF7nXFpDiWu2VXlcUXj9%2F%2Fx7fOFWFjOLvgvgErKCXdpXgQXN5fY%2FDk7j%2F4PO5A%2FN%2FNksWqxXneXN60IFwJN6zg8dfW55G%2B03S58"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791aa33bfeb9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.149.64200 OK 2.5 kB URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.149.64:0
Hash 63c98bf32001362eeaea7c1cd04ff468
d6cd7b14aced1232b8177c5734b865181f53bb72
80f9c2425550af930b068ae1333b19a9a78962df4d49430c71331406982a641e
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Fri, 27 Jan 2023 07:38:17 GMT
x-ms-request-id: b23dbcb2-c01e-0166-0fa4-322ce9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 56100
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa33ade3db503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ion-sound/3.0.7/js/ion.sound.min.js
104.17.25.14200 OK 2.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ion-sound/3.0.7/js/ion.sound.min.js
IP 104.17.25.14:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (535), with CRLF line terminators
Hash da740f7f50239ba8e2cacacb514a569c
ff4f8eda4bcc2a4713a7498cce0d6b459a6ee6c4
5c3c94dc5453e359b08bf4ac69593d05c962da1b79a1b5c9c30b285385fd9957
GET /ajax/libs/ion-sound/3.0.7/js/ion.sound.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 2837
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea7-323c"
last-modified: Mon, 04 May 2020 16:11:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17938887
expires: Sat, 20 Jan 2024 13:43:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlKrzKNUkfzSDtm%2BogVGmV%2F8KhsKl%2B9O9KP5lEUelo%2FQsf6CqyUa%2F2%2F6XgDW2og5mx2p2OSK0lfHAkZ92L%2F68VEtVFkYWJ%2FRHo68mUuyHn50kUPt6W9RA2XEJuPTE8Zkdsb14Aol"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791aa33c0ec9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.birdseed.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 586256
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.birdseed.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:28:49 GMT
expires: Thu, 25 Jan 2024 19:28:49 GMT
cache-control: public, max-age=31536000
age: 411288
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.birdseed.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 12:51:13 GMT
expires: Sat, 27 Jan 2024 12:51:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
age: 262344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
app.birdseed.io/load-widget-settings
3.218.243.195200 OK 4.4 kB URL HTTP/2 app.birdseed.io/load-widget-settings
IP 3.218.243.195:0
Hash 4a5c51422eff09a854631e56ddf62a1f
6d57dcca59e0fd443d2cdfea673e6a2eb00238b4
035c980a7ed5f1caccb49db162fd3c588ee2b23bab214d09d709523ed6706c19
Analyzer Verdict Alert mnemonic_dns Sinkholed
POST /load-widget-settings HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
content-type: application/json
Content-Length: 185
Origin: https://app.birdseed.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.birdseed.io
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-request-method: GET,POST,OPTIONS
etag: W/"8b9d56a6549c74345db29c5f7f7698e6"
cache-control: max-age=0, private, must-revalidate
set-cookie: birdseed_id=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0--; path=/; expires=Tue, 30 Jan 2024 13:43:37 GMT; SameSite=Lax; secure
x-request-id: 13c46ac5-a93d-48d8-a877-622243014a0f
x-runtime: 0.059982
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/widget-button-e992459bc444d92d02793b47dc6716bc4ddff95f34722e68f1a7e102160a487f.svg
3.218.243.195200 OK 805 B URL HTTP/2 app.birdseed.io/assets/widget-button-e992459bc444d92d02793b47dc6716bc4ddff95f34722e68f1a7e102160a487f.svg
IP 3.218.243.195:0
Hash c98cd5bd36274c478469caba41361102
09d9476b5d1e60886d19185044db11c6bec9a4b6
b140bd55823eda80a7b9ed8ab7bd42cb610e5f2d50c5ad721a60dd300eecfa16
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/widget-button-e992459bc444d92d02793b47dc6716bc4ddff95f34722e68f1a7e102160a487f.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget-styles.css?token=3a5b0292b4f39e186dfdec9ea9190881
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-47f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/tool-icon-call-request1-8b2c97cedbce0fdc6d2ef47e3ec4072575dd25f2d2f9a78f0f64d4a30028b449.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/tool-icon-call-request1-8b2c97cedbce0fdc6d2ef47e3ec4072575dd25f2d2f9a78f0f64d4a30028b449.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/tool-icon-call-request1-8b2c97cedbce0fdc6d2ef47e3ec4072575dd25f2d2f9a78f0f64d4a30028b449.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-3e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/init-widget
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/init-widget
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
POST /init-widget HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
content-type: application/json
Content-Length: 185
Origin: https://app.birdseed.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.birdseed.io
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-request-method: GET,POST,OPTIONS
etag: W/"fa80a0199351ec2fdefa834fcf1ce90b"
cache-control: max-age=0, private, must-revalidate
set-cookie: birdseed_id=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0--; path=/; expires=Tue, 30 Jan 2024 13:43:37 GMT; SameSite=Lax; secure
x-request-id: 5e6e15c9-d4ac-4dc9-9c67-bf905b05fe30
x-runtime: 0.095668
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/css/birdseed-embed.css
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/css/birdseed-embed.css
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /css/birdseed-embed.css HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: text/css
last-modified: Mon, 23 Jan 2023 21:13:54 GMT
vary: Accept-Encoding
etag: W/"63cef892-93d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.birdseed.io/widget.bundle.js
54.230.111.72200 OK 0 B URL HTTP/2 cdn.birdseed.io/widget.bundle.js
IP 54.230.111.72:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /widget.bundle.js HTTP/1.1
Host: cdn.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 17:39:25 GMT
x-amz-version-id: DaAuAlNM99_Dr3T_ximgKLiNJPZN2iyI
server: AmazonS3
content-encoding: gzip
date: Wed, 25 Jan 2023 01:13:55 GMT
cache-control: max-age=1296000
etag: W/"6d217d286a737908dbb6b244dc0a86d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: erZYrtQcjKggeYjOphhS6keISw3uTs1vJyrP3xO7fW_kYcQ_Kz_hDg==
age: 476982
X-Firefox-Spdy: h2
app.birdseed.io/assets/sentiment5-17c6c237a73d61b82fc4309f6fb2c01ebe041a6f3d86cedc3f6c07e2c1d9a980.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/sentiment5-17c6c237a73d61b82fc4309f6fb2c01ebe041a6f3d86cedc3f6c07e2c1d9a980.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/sentiment5-17c6c237a73d61b82fc4309f6fb2c01ebe041a6f3d86cedc3f6c07e2c1d9a980.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-728"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/tool-icon-live-chat1-186238118500006e221ccd7307e9e32763df295643ea4307f3c28ab99aefc7ba.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/tool-icon-live-chat1-186238118500006e221ccd7307e9e32763df295643ea4307f3c28ab99aefc7ba.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/tool-icon-live-chat1-186238118500006e221ccd7307e9e32763df295643ea4307f3c28ab99aefc7ba.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-89e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/tool-icon-phone1-0b96799f339bed4e5b08629d3140e2c718015d8265feff0fa9174febc23927b1.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/tool-icon-phone1-0b96799f339bed4e5b08629d3140e2c718015d8265feff0fa9174febc23927b1.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/tool-icon-phone1-0b96799f339bed4e5b08629d3140e2c718015d8265feff0fa9174febc23927b1.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-575"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.transfernow.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.15.166200 OK 0 B URL HTTP/2 www.transfernow.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.15.166:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtPf2DNtHQO6VZYDoViKEEuQtTg9pPy1OkEFqZJkhzCGxUIfadsjx%2FP6n95QTSh1mDFwRdB%2FR61wV1JOC%2BNVw%2BEvijjGdVZiwcKti5Y3bxT4n90YgGtouV2nXkW3VnerzLCwmiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa3277c990b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 13:43:34 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
assets.calendly.com/assets/booking/css/booking-537a6a72.css
172.66.40.230200 OK 0 B URL HTTP/2 assets.calendly.com/assets/booking/css/booking-537a6a72.css
IP 172.66.40.230:0
GET /assets/booking/css/booking-537a6a72.css HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=SG21M_FWwaz83ZEFOC.fq.or7H5At6XGJ_AZp7lvEek-1675086213-0-AfyOGTHCR8IFw0amJMYyhrwSE1gsEKYobuA1wA3cK+GsCnkzLA0cZfjE0iOBJ7xo6djWQm4X0y8b2b8tdsWsGWA=; __cfruid=dd9e2d91898e363af1b8936847a5ca316eea2976-1675086214
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: text/css
cf-ray: 791aa32b59ceb4f1-OSL
age: 843312
cache-control: public, max-age=31536000
etag: W/"0cc035441023ca0b9062c025ccdd1f7e"
expires: Tue, 31 Jan 2023 13:43:35 GMT
last-modified: Fri, 20 Jan 2023 19:21:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=353141
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.birdseed.io/assets/button-icon-chat-1d87bcd4221e0054639c34af32d595025f8a1073d5d9ceacea13315f9d18a104.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/button-icon-chat-1d87bcd4221e0054639c34af32d595025f8a1073d5d9ceacea13315f9d18a104.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/button-icon-chat-1d87bcd4221e0054639c34af32d595025f8a1073d5d9ceacea13315f9d18a104.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-1ab8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/intl-tel-input/js/intlTelInput.min.js
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/intl-tel-input/js/intlTelInput.min.js
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/intl-tel-input/js/intlTelInput.min.js HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 21:13:54 GMT
vary: Accept-Encoding
etag: W/"63cef892-6f10"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/star-5d03e86b5d66eb7da5d34a57fe3475b2a6c808ade3de1793ad50f31b29c133de.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/star-5d03e86b5d66eb7da5d34a57fe3475b2a6c808ade3de1793ad50f31b29c133de.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/star-5d03e86b5d66eb7da5d34a57fe3475b2a6c808ade3de1793ad50f31b29c133de.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-43b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
js.stripe.com/v3
54.230.111.108200 OK 0 B IP 54.230.111.108:0
GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 18:33:56 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Mon, 30 Jan 2023 13:43:36 GMT
cache-control: max-age=60
etag: W/"84b0eede224735da61e59f61888b10ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2o1bgusdt2ewQrOQShg9n5HKisyOGWFOrz3C7tsMVTamPMHHM8AHTg==
age: 21
X-Firefox-Spdy: h2
assets.calendly.com/assets/booking/js/booking-ab50ebda.js
172.66.40.230200 OK 0 B URL HTTP/2 assets.calendly.com/assets/booking/js/booking-ab50ebda.js
IP 172.66.40.230:0
GET /assets/booking/js/booking-ab50ebda.js HTTP/1.1
Host: assets.calendly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Connection: keep-alive
Cookie: __cf_bm=SG21M_FWwaz83ZEFOC.fq.or7H5At6XGJ_AZp7lvEek-1675086213-0-AfyOGTHCR8IFw0amJMYyhrwSE1gsEKYobuA1wA3cK+GsCnkzLA0cZfjE0iOBJ7xo6djWQm4X0y8b2b8tdsWsGWA=; __cfruid=dd9e2d91898e363af1b8936847a5ca316eea2976-1675086214
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: application/javascript
cf-ray: 791aa32f5f68b4f1-OSL
age: 843312
cache-control: public, max-age=31536000
etag: W/"efa3f24df5ca2aede260e42335c783e5"
expires: Tue, 31 Jan 2023 13:43:35 GMT
last-modified: Fri, 20 Jan 2023 19:21:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=1590709
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/chunks/framework-1aa899be9db520d4.js
104.26.15.166200 OK 0 B URL HTTP/2 www.transfernow.net/cdn/_next/static/chunks/framework-1aa899be9db520d4.js
IP 104.26.15.166:0
GET /cdn/_next/static/chunks/framework-1aa899be9db520d4.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=141078
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"163675fbe9970e3745dff6d34c604d02"
expires: Mon, 30 Jan 2023 13:47:36 GMT
last-modified: Thu, 26 Jan 2023 19:52:17 GMT
x-goog-generation: 1674762737423739
x-goog-hash: crc32c=xx5Z0Q==, md5=FjZ1++mXDjdF3/bTTGBNAg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 141078
x-guploader-uploadid: ADPycdsH-S77IV7OrB06CwvYVg_nTenHY-JJKAz083E23FRXYa_1HNb9oR6-Ut_jGN8ggC8f1qaHS3GrcY-so1cNFuQIMg
cf-cache-status: HIT
age: 866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsxB0rk6fXh18p0QT0DfoxM7ogTr4b9rQPIgHmKjOh0y718y8%2ByLVcw4HvFGkX3kLlwrsKnI9yJd9Pea6qr9RGqR7v6a5EPuZknMQQe9Skw9c%2F2xOtSoZ0kBcRoRHCmN5qtVSf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327eceb0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.birdseed.io/api/v2/accounts/check_account_load_on_scroll?token=3a5b0292b4f39e186dfdec9ea9190881
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/api/v2/accounts/check_account_load_on_scroll?token=3a5b0292b4f39e186dfdec9ea9190881
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /api/v2/accounts/check_account_load_on_scroll?token=3a5b0292b4f39e186dfdec9ea9190881 HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.financialf.com
Connection: keep-alive
Referer: https://www.financialf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-request-method: GET,POST,OPTIONS
vary: Accept-Encoding, Accept, Origin
etag: W/"b6458df1f10416eae1e9d4dcf8b2ae98"
cache-control: max-age=0, private, must-revalidate
set-cookie: birdseed_id=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0--; path=/; expires=Tue, 30 Jan 2024 13:43:34 GMT; SameSite=Lax; secure
x-request-id: d49bb67c-bc4e-4b41-9832-3c52505ad41e
x-runtime: 0.008300
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/intl-tel-input/css/intlTelInput.min.css
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/intl-tel-input/css/intlTelInput.min.css
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/intl-tel-input/css/intlTelInput.min.css HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: text/css
last-modified: Mon, 23 Jan 2023 21:13:54 GMT
vary: Accept-Encoding
etag: W/"63cef892-4b25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.0/css/brands.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.0/css/brands.css
IP 172.64.132.15:0
GET /releases/v5.1.0/css/brands.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: text/css
x-amz-id-2: LB1dDLmDE3RWKXadhL227+SGFiBEde4lI2UvI7E1haUQu1+ltFE6wOtBAfDnghbtvWRPTnIN6es=
x-amz-request-id: 0Y1N6BXRJHRRRDFM
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
etag: W/"a3ceb4f1b808969cd8f1bb0aac1510c2"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1401503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke1fKuF%2Bzz7bL7Oe5w5d5NyQEIif3n67AaMVqKPi4BxOaWLUJBKP4XDvWW4qiEvkSI4tF6WRyMuzfFNEmcUNtS5RQVmvuU9Swcn1KoKrayujzeYNIObMYddrmoadWsw9uQ5Puywv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa332d893779b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.birdseed.io/assets/tool-icon-live-chat1-186238118500006e221ccd7307e9e32763df295643ea4307f3c28ab99aefc7ba.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/tool-icon-live-chat1-186238118500006e221ccd7307e9e32763df295643ea4307f3c28ab99aefc7ba.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/tool-icon-live-chat1-186238118500006e221ccd7307e9e32763df295643ea4307f3c28ab99aefc7ba.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-89e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.transfernow.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675080000
104.26.15.166200 OK 0 B URL HTTP/2 www.transfernow.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675080000
IP 104.26.15.166:0
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675080000 HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ9gQaWzb6MdCnUWoiohL6yNZoEOs%2FZh5CL%2B9ltvI76UWiT1BzCiySZQGh0aErUJycbtEMamz1vvS4%2BJ804rn8OlRrB1Fwfd3pFxKeM2dZJDk%2BgCE5u5bVoovhkpn7UicHlbhgU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791aa327ecf10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/leaflet@1.6.0/dist/leaflet.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/leaflet@1.6.0/dist/leaflet.js
IP 104.16.126.175:0
GET /leaflet@1.6.0/dist/leaflet.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"22d09-HJo6tWuVO3o/u4lm8+IrxwxIyMk"
via: 1.1 fly.io
fly-request-id: 01G4XK9EW68CWC43QMS1K4B018-fra
cf-cache-status: HIT
age: 20530492
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa3329eb9b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.birdseed.io/assets/sentiment4-56efe792cca635568cc89c306ce29e236f70f5d7855fd6482a57cdeae16f3bb0.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/sentiment4-56efe792cca635568cc89c306ce29e236f70f5d7855fd6482a57cdeae16f3bb0.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/sentiment4-56efe792cca635568cc89c306ce29e236f70f5d7855fd6482a57cdeae16f3bb0.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-7a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
104.16.149.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
IP 104.16.149.64:0
GET /scripttemplates/6.35.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://calendly.com/
Origin: https://calendly.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:37 GMT
content-type: text/css
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
x-ms-request-id: 56bfbd6c-f01e-00c0-7082-7952a2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 51715
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa33a6ee51c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
54.230.111.59200 OK 0 B URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 54.230.111.59:0
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Mon, 30 Jan 2023 13:38:45 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ob0Sug9Uomuyxxj137bq5h9tAP9TcIGmXXlVx5OS-11klqbBwQ56qg==
age: 294
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/Fyv5UwJJd_XjLXpZqriui/_buildManifest.js
104.26.15.166200 OK 0 B URL HTTP/2 www.transfernow.net/cdn/_next/static/Fyv5UwJJd_XjLXpZqriui/_buildManifest.js
IP 104.26.15.166:0
GET /cdn/_next/static/Fyv5UwJJd_XjLXpZqriui/_buildManifest.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"28b905182c24f5d02eeb9f75157919f4"
expires: Mon, 30 Jan 2023 13:55:13 GMT
last-modified: Fri, 27 Jan 2023 16:26:30 GMT
x-goog-generation: 1674836790909387
x-goog-hash: crc32c=DFrvoQ==, md5=KLkFGCwk9dAu6591FXkZ9A==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9357
x-guploader-uploadid: ADPycdsUhPKZTgssUvApYCrjmHb2IbVU6O-YuJZAny2nJyy8tXZ9pt7A2CW9uOM4YyrtscP_cN8RG_Fr8i2hO8uMK19rFQ
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRjRV2RFxn5wv%2BHUVKLJ4U0A7eii9QCh4A8D8KDiZDqLC3arpKe2YVH5imstoxEqKMNcY0CEHzxPi95uLAoXQQZylB%2FvDVHqSrxkhCokhUTN%2FTT9NF%2FYaB0koURaemovpFfpmyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327dcdf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/leaflet@1.6.0/dist/leaflet.css
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/leaflet@1.6.0/dist/leaflet.css
IP 104.16.126.175:0
GET /leaflet@1.6.0/dist/leaflet.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"37bc-eNGUkCb3bhCXe6sFt0PSpUCo4lU"
via: 1.1 fly.io
fly-request-id: 01F3YGTBXDTB968XA00N58PKH3
cf-cache-status: HIT
age: 24397000
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 791aa3328eadb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.financialf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:35 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-request-method: GET,POST,OPTIONS
etag: W/"d56707316697107ae16302fdd1f6f0af"
cache-control: max-age=0, private, must-revalidate
set-cookie: birdseed_id=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0--; path=/; expires=Tue, 30 Jan 2024 13:43:35 GMT; SameSite=Lax; secure
x-request-id: 264d7dc2-33f6-47d6-93de-ae5c02268fdb
x-runtime: 0.009656
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
content-encoding: gzip
X-Firefox-Spdy: h2
app.birdseed.io/assets/sentiment3-1d81b499d6391f7254c48308792d6a1fbdde2457f8d08ba2287742e2340d75f7.svg
3.218.243.195200 OK 0 B URL HTTP/2 app.birdseed.io/assets/sentiment3-1d81b499d6391f7254c48308792d6a1fbdde2457f8d08ba2287742e2340d75f7.svg
IP 3.218.243.195:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/sentiment3-1d81b499d6391f7254c48308792d6a1fbdde2457f8d08ba2287742e2340d75f7.svg HTTP/1.1
Host: app.birdseed.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.birdseed.io/widget/panel.html?referrer=none&available=true&token=3a5b0292b4f39e186dfdec9ea9190881&live_url=https://www.financialf.com/support&preview=null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.0
date: Mon, 30 Jan 2023 13:43:36 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 21:13:52 GMT
vary: Accept-Encoding
etag: W/"63cef890-7d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.transfernow.net/cdn/_next/static/chunks/2962-cb71dad8cd6ea724.js
104.26.15.166200 OK 0 B URL HTTP/2 www.transfernow.net/cdn/_next/static/chunks/2962-cb71dad8cd6ea724.js
IP 104.26.15.166:0
GET /cdn/_next/static/chunks/2962-cb71dad8cd6ea724.js HTTP/1.1
Host: www.transfernow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.transfernow.net/en/widgets/d301ce7e-05dd-4f53-a0dc-b23c71b84785
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:43:34 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"1c4f616d13a4d70536f1bfd8bb233fb3"
expires: Mon, 30 Jan 2023 13:46:13 GMT
last-modified: Mon, 23 Jan 2023 09:53:21 GMT
x-goog-generation: 1673437203658407
x-goog-hash: crc32c=jepiZg==, md5=HE9hbROk1wU28b/YuyM/sw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13809
x-guploader-uploadid: ADPycduz1mCSo_P10VL_DSSZ8nJu3HwucufoevwX6ckozkjr9mZceJ3V-ensEpdawXl6fACthcjlbPEl632LDeaTcVZHow
cf-cache-status: HIT
age: 866
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZaQ1%2BTiSE5lW9loAQPYwPnbdxWpwN87EHa0INt4slkcz9K1Pwv%2FBPedNC4v%2BLQ7MzKli5AC5S2Nv%2FH2zB8rVuJ4vpMOoSpoi2Hm5%2Bl1YCqP0pZU8emXKQz233mWcjhTnvHz8K4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791aa327dce30b69-OSL
content-encoding: br
X-Firefox-Spdy: h2