www.konnexion.io/home/usps/verification/
301 Moved Permanently 339 B URL HTTP/1.1 www.konnexion.io/home/usps/verification/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 71fd9553d5e45fdeb7753f2f543375a3
e2a37bdbf895517f520d227cf9b4fd1e3115e71c
2c91a59011eafc7b66c46adc6367ee8ec318d57e528e46916b660bcc81f0f37c
Analyzer Verdict Alert fortinet Phishing
GET /home/usps/verification/ HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 15:34:47 GMT
Server: Apache/2.4.25 (Debian)
Location: https://www.konnexion.io//home/usps/verification/
Content-Length: 339
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5454
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 15:34:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 14:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZRIVr-utaqI2uGFkUkNC4nvp72YOcZdk-5hebEHs22FTjpiQ9pMRLA==
Age: 2863
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IfnbdVrKMjDmPQho_3bfObg3_Vc9R3x2Q7aVlwbTiyXrbLRI9csdaA==
age: 36380
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:34:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b872f0d9ccc3ebc925a78fa8dd76deae
a991272f8490cb9500aac2c917a8fe2435190793
615fae48fca4c738c50178d82aeee5d6b2d0eb9b89fd6cb0b905ce23fb63d522
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 07:11:57 GMT
Expires: Tue, 11 Oct 2022 07:11:56 GMT
Etag: "a991272f8490cb9500aac2c917a8fe2435190793"
Cache-Control: max-age=574028,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754efbd59a3db506-OSL
www.konnexion.io//home/usps/verification/
301 Moved Permanently 0 B URL HTTP/1.1 www.konnexion.io//home/usps/verification/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET //home/usps/verification/ HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.konnexion.io/home/usps/verification/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 15:29:33 GMT
Expires: Tue, 04 Oct 2022 16:18:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MfxYpjwLL_7dfPwPjlU8dNAz5ZcleECpB-uRtNnJBgkhbrtTYdqfhg==
Age: 315
www.konnexion.io/home/usps/verification/
404 Not Found 42 kB URL HTTP/1.1 www.konnexion.io/home/usps/verification/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 0723bdc8c6d7a41e3593d5fa4cd97cc4
541c897e3567c4614e423a285cb94afb74875cf7
68d9d95fbfb311f12c80d2bed48df314fc118a19fdf75cfef5369c9e5394dea7
Analyzer Verdict Alert fortinet Phishing
GET /home/usps/verification/ HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.konnexion.io/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.konnexion.io/wp-content/uploads/2022/06/Logo-texte@3x.png
200 OK 11 kB URL HTTP/1.1 www.konnexion.io/wp-content/uploads/2022/06/Logo-texte@3x.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0680e709f05b64f0b6bd5944694f967f
ae3aa129d3cc66c43b7e08c6d47d12bc3d564eb6
a9ec3bade2462b376adc6bc7df37e24d61957594e5be2b0c59696f286e6f6056
GET /wp-content/uploads/2022/06/Logo-texte@3x.png HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 08 Jun 2022 17:38:20 GMT
ETag: "2be6-5e0f32bceeaf3"
Accept-Ranges: bytes
Content-Length: 11238
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp
ocsp.digicert.com/
200 OK 471 B IP
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6343
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Last-Modified: Tue, 04 Oct 2022 13:49:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.konnexion.io/wp-content/uploads/themify-concate/2164317601/themify-3702182379.css
200 OK 13 kB URL HTTP/1.1 www.konnexion.io/wp-content/uploads/themify-concate/2164317601/themify-3702182379.css
IP
File type Unicode text, UTF-8 text, with very long lines (12215)
Hash c8b274c66c2577e42f3ead76b5b16202
0104a04525fd6f0e0271d537ad144c930dd4f7dd
2f27743657c21eed2db95d68e031c9ef8092a1fb2c7247e513dd963278de63ba
GET /wp-content/uploads/themify-concate/2164317601/themify-3702182379.css HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 21 Jun 2022 14:27:23 GMT
ETag: "fad3-5e1f604da2a32-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13324
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.konnexion.io/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0-b-modified-1655298234
200 OK 1.9 kB URL HTTP/1.1 www.konnexion.io/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0-b-modified-1655298234
IP
File type ASCII text, with very long lines (8428), with no line terminators
Hash e8806d395b05deb31eab5523e7b92875
2a876249c7b2db5e55140b5875769be9dc44df4b
3e322e8c743b02323313cbda6dc54ad261013a4ed6c2aac2a172af40486b5a76
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0-b-modified-1655298234 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 15 Jun 2022 13:03:54 GMT
ETag: "20ec-5e17c2748722b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1933
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.konnexion.io/wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=1.9.7.9-b-modified-1656427655
200 OK 404 B URL HTTP/1.1 www.konnexion.io/wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=1.9.7.9-b-modified-1656427655
IP
Hash e7b83c2752477bd8d5964274ec7134d9
3d565a0fba452dd0101cfe9c30753dc3225a2610
2a1465167757a9c4bedb8446f9a624723bf014c7601b4e691aede89d7f30cdfe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=1.9.7.9-b-modified-1656427655 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 28 Jun 2022 14:47:35 GMT
ETag: "587-5e2831e02358a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 404
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 504040
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.konnexion.io/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6-b-modified-1655884972
200 OK 972 B URL HTTP/1.1 www.konnexion.io/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6-b-modified-1655884972
IP
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6-b-modified-1655884972 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 22 Jun 2022 08:02:52 GMT
ETag: "aab-5e204c398dffe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/publicsans/v14/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/publicsans/v14/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25320, version 1.0\012- data
Hash 098efcdd0d179610154999da1cefedb4
8c61253b07f5833a6c8b0d30c654113f02660774
ecd01d6ed5d492148e9ba9ead2db0ee09b8664e9e6cda3150ad7d31977c2e702
GET /s/publicsans/v14/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 22:06:30 GMT
expires: Tue, 03 Oct 2023 22:06:30 GMT
cache-control: public, max-age=31536000
age: 62898
last-modified: Mon, 18 Jul 2022 19:46:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.konnexion.io/wp-content/uploads/js_composer/custom.css?ver=6.8.0
200 OK 491 B URL HTTP/1.1 www.konnexion.io/wp-content/uploads/js_composer/custom.css?ver=6.8.0
IP
File type ASCII text, with CRLF line terminators
Hash bca2dbc544820d424d41b5d48635350c
9588f2a3d046290e37fdf67f53fda5322fac8e42
4b2397376a4ea84faee9d3d9d959bac94dea33278425d88d62c6b6f46476ec21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/js_composer/custom.css?ver=6.8.0 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Fri, 17 Jun 2022 09:19:10 GMT
ETag: "58d-5e1a13f3e12a6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 491
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.konnexion.io/wp-content/plugins/cookie-notice/css/front.min.css?ver=-b-modified-1655298234
200 OK 1.1 kB URL HTTP/1.1 www.konnexion.io/wp-content/plugins/cookie-notice/css/front.min.css?ver=-b-modified-1655298234
IP
File type ASCII text, with very long lines (5326), with no line terminators
Hash 4765930cff445835166053fb1163ba5e
412d4bd3997de7b1a501ce3c7a39633d5c8ac0bf
40ca85a39a9fbf5f22b8b5f59acff8f62cc80d9e0eea370d4a96e53401a07530
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=-b-modified-1655298234 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 15 Jun 2022 13:03:54 GMT
ETag: "14ce-5e17c274881cb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1106
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/publicsans/v14/ijwTs572Xtc6ZYQws9YVwnNDTJzaxw.woff2
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/publicsans/v14/ijwTs572Xtc6ZYQws9YVwnNDTJzaxw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26988, version 1.0\012- data
Hash f9c92892c1464c03fb5f2f1c9f4cdb0f
99c19bccb8b00acb0be046d90a24e38ae29ff39a
ebca5d315224a0c777691e529227971de2175a03a5183ec4ff705124f2cdf1b6
GET /s/publicsans/v14/ijwTs572Xtc6ZYQws9YVwnNDTJzaxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 07:22:25 GMT
expires: Wed, 04 Oct 2023 07:22:25 GMT
cache-control: public, max-age=31536000
age: 29543
last-modified: Mon, 18 Jul 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.konnexion.io/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 31 kB URL HTTP/1.1 www.konnexion.io/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 21 Jun 2022 14:22:09 GMT
ETag: "15db1-5e1f5f227d436-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.konnexion.io/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6-b-modified-1655884972
200 OK 6.5 kB URL HTTP/1.1 www.konnexion.io/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6-b-modified-1655884972
IP
File type ASCII text, with very long lines (21821), with no line terminators
Hash 935b2704ae65c0ae9e160f6801c1a586
b044bbd09f47ac4f5defafb667a6a283116275b5
3d5ef8e4d2685ea539cdd441135f714411d666010e88de82228dee8b8a578346
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6-b-modified-1655884972 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Wed, 22 Jun 2022 08:02:52 GMT
ETag: "553d-5e204c398c0be-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6538
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 223388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.konnexion.io/wp-content/themes/themify-ultra/themify/js/main.js?ver=1662624588
200 OK 14 kB URL HTTP/1.1 www.konnexion.io/wp-content/themes/themify-ultra/themify/js/main.js?ver=1662624588
IP
Hash 77da39e51d75896a8059bf1802ffa7cf
b47f983cfd91939c80d9b368eaf3c99e68cca074
aa7e3eb02aa20ef938de302ab3c5b23029128dad859ce98a048bfbe6d57a2207
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/themify/js/main.js?ver=1662624588 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 16 Jun 2022 10:14:38 GMT
ETag: "12e6d-5e18de7c84b0f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14346
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.konnexion.io/wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=1.9.7.9-b-modified-1656427655
200 OK 884 B URL HTTP/1.1 www.konnexion.io/wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=1.9.7.9-b-modified-1656427655
IP
Hash fdce07f5c893a9a935d58996227a49d6
54307d38f5604e8ab7399599ce9ce1c28a03247d
5931c21e3194cf44fe48efb6abb328b1a45d181f3028a88c6148c64272f15844
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=1.9.7.9-b-modified-1656427655 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 28 Jun 2022 14:47:35 GMT
ETag: "9bf-5e2831e02358a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 884
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 504040
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.konnexion.io/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
200 OK 2.5 kB URL HTTP/1.1 www.konnexion.io/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 21 Jun 2022 14:22:09 GMT
ETag: "194b-5e1f5f229d7d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2457
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.konnexion.io/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 7.1 kB URL HTTP/1.1 www.konnexion.io/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Tue, 21 Jun 2022 14:22:09 GMT
ETag: "4ac6-5e1f5f229d7d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.konnexion.io/wp-content/uploads/2021/02/logo-konnexion.png
200 OK 40 kB URL HTTP/1.1 www.konnexion.io/wp-content/uploads/2021/02/logo-konnexion.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5349f7e490d38f36468eb54873c86b38
4cc85c64898de049babd334ef29f25077c294e6e
7d45428ca0d706e5bd0dd21148d85791db38b7e3496f8a20a0ba59bed0b1d873
GET /wp-content/uploads/2021/02/logo-konnexion.png HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 01 Apr 2021 07:14:18 GMT
ETag: "9acc-5bee3facac680"
Accept-Ranges: bytes
Content-Length: 39628
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp
fonts.gstatic.com/s/publicsans/v13/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/publicsans/v13/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25300, version 1.0\012- data
Hash 49fa93b58a51993333b8a10308b207ef
b617548f28f0fa3295e273df5581788369d96989
a6848cc32e00efb8879283cac5cc7e3d4b6bc1fd69d1612b4e8e2a42e40bd4c8
GET /s/publicsans/v13/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 07:14:48 GMT
expires: Sat, 30 Sep 2023 07:14:48 GMT
cache-control: public, max-age=31536000
age: 375600
last-modified: Thu, 26 May 2022 21:09:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/publicsans/v13/ijwTs572Xtc6ZYQws9YVwnNDTJzaxw.woff2
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/publicsans/v13/ijwTs572Xtc6ZYQws9YVwnNDTJzaxw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26860, version 1.0\012- data
Hash 79c72024225bc4b6bc8943b9d63a75db
ba66a8662a6029a35f4086f3b6c90ac18d39e29a
8bc820632d8e0f986a20b529d276a9b411311c0ea091fa39f362844760f011d8
GET /s/publicsans/v13/ijwTs572Xtc6ZYQws9YVwnNDTJzaxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 21:11:27 GMT
expires: Sat, 30 Sep 2023 21:11:27 GMT
cache-control: public, max-age=31536000
age: 325401
last-modified: Thu, 26 May 2022 21:09:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DhBQuxdWydTttCRsJj+nng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PE5WYrQ5wYn7lmfNjeumpLhDfsU=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KGLDXFQ
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGLDXFQ
IP
File type ASCII text, with very long lines (2039)
Hash 692c6d10e298c660f758c797f70700a7
50fee214501d2dc7150e8ca457a195dec263a2e0
433840638e1a15a920a6fdf282d20ccf8ae7bf0a3c435754abc90dbe12373ff7
GET /gtm.js?id=GTM-KGLDXFQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 15:34:48 GMT
expires: Tue, 04 Oct 2022 15:34:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.konnexion.io/wp-content/uploads/2021/03/favicon_SiteWeb-1.png
200 OK 1.8 kB URL HTTP/1.1 www.konnexion.io/wp-content/uploads/2021/03/favicon_SiteWeb-1.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 366aa8efa17ac8efc62d02d449ad38d5
e05dbf3fe16d50baade7ebde4fb54d52ea261a69
28f91e0aec78de10aa0f76a9cf5aa1e0142c9317e553b4348384ea8e02aaa266
GET /wp-content/uploads/2021/03/favicon_SiteWeb-1.png HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:48 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 01 Apr 2021 09:46:09 GMT
ETag: "6d6-5bee619d99a40"
Accept-Ranges: bytes
Content-Length: 1750
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/webp
static.hotjar.com/c/hotjar-2749364.js?sv=5
200 OK 3.1 kB URL HTTP/2 static.hotjar.com/c/hotjar-2749364.js?sv=5
IP
File type ASCII text, with very long lines (3790)
Hash 07a5c0e6f01df5d9262950917b86d341
cffb59d7ba0cafcd9240a67b6f0c8bd82e7e9b66
cf9be266d091870aac200b5dd4d099eabccde4cd141a9a1ef9a9a2dbc60848a6
GET /c/hotjar-2749364.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 04 Oct 2022 15:34:49 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/f32b60189d9e69f707a96378cff258b0
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vk1sR4NKG2dZ1yb9Xd6HBxzB0mycAUUv6VKZkP5vWhuQCyicvEDaDg==
X-Firefox-Spdy: h2
script.hotjar.com/modules.21c2ce197b1deec7582e.js
200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.21c2ce197b1deec7582e.js
IP
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 4fb85c520d1f9c1576ffa3692f55f082
a7f3a0d9d36b611b0718b5f1233740b4221f4c60
d795f3312ca5f96077a04a0dfeb745c2634f4beb27c197cd3e3960c5634fe6df
GET /modules.21c2ce197b1deec7582e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66175
date: Tue, 04 Oct 2022 15:02:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4fb85c520d1f9c1576ffa3692f55f082"
last-modified: Tue, 04 Oct 2022 15:02:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xb85cnnGi29x_T2qjZ1l4mgePitdeB3nIwAFoQ8dMo5nVyGuVi8dAA==
age: 1963
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 14:41:09 GMT
expires: Tue, 04 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 3220
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&gjid=468130726&_gid=513353934.1664897689&_u=YADAAEAAAAAAACAAI~&z=1079548094
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&gjid=468130726&_gid=513353934.1664897689&_u=YADAAEAAAAAAACAAI~&z=1079548094
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&gjid=468130726&_gid=513353934.1664897689&_u=YADAAEAAAAAAACAAI~&z=1079548094 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.konnexion.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 15:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 1e661f69596ae8f4c9bb890b9b03576b
3140da34d5bd6c319bff5ab5b0685f4c881b5d9a
2969b941f6e6f984f563f606d11728734cd5f7f0e3a5da7614d59bf0ec91e116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 15:34:49 GMT
Last-Modified: Tue, 04 Oct 2022 14:26:18 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tKNGkCYDGT__4pPJoNxfR4s72fmtogSCbpqUXXb3HfmjawwQ5esYjw==
Age: 4111
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&_u=YADAAEAAAAAAACAAI~&z=1336712730
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&_u=YADAAEAAAAAAACAAI~&z=1336712730
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&_u=YADAAEAAAAAAACAAI~&z=1336712730 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 15:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&_u=YADAAEAAAAAAACAAI~&z=1336712730
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&_u=YADAAEAAAAAAACAAI~&z=1336712730
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213008989-1&cid=590170322.1664897689&jid=1762866002&_u=YADAAEAAAAAAACAAI~&z=1336712730 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 15:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-57RFCLXX7H>m=2oe9s0&_p=1805932662&cid=590170322.1664897689&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664897688&sct=1&seg=0&dl=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&dt=Page%20non%20trouv%C3%A9e%20%E2%80%93%20Konnexion&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-57RFCLXX7H>m=2oe9s0&_p=1805932662&cid=590170322.1664897689&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664897688&sct=1&seg=0&dl=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&dt=Page%20non%20trouv%C3%A9e%20%E2%80%93%20Konnexion&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-57RFCLXX7H>m=2oe9s0&_p=1805932662&cid=590170322.1664897689&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664897688&sct=1&seg=0&dl=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&dt=Page%20non%20trouv%C3%A9e%20%E2%80%93%20Konnexion&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.konnexion.io
date: Tue, 04 Oct 2022 15:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f936b953fdf91692463e6745f5151375
9f94b177ba59497086040cbec72f9e26e22a54c3
21c4c1a25e3f41ea5d0262216d19cb081023a79500eae7dab8b8c1f5022ad18e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ws7.hotjar.com/api/v2/client/ws
101 Switching Protocols 0 B URL HTTP/1.1 ws7.hotjar.com/api/v2/client/ws
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws7.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.konnexion.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G1XtYMRU0O2O29cmyPEwSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 04 Oct 2022 15:34:49 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O/7VAT5LCYFPLseyudHfKschrUA=
Sec-WebSocket-Extensions: permessage-deflate
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:34:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:34:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:34:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:34:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5917
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:34:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62719b24a32198c6f462a0a0412ac98
d893d8035379e06e53e365b9f47f5da40bff932b
ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZaoEBhn_F_zDvoalcEpb4PtdGMuU9stAktSCviy5SsaaBaxYUJ6Fg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 64230
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 64217
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 64215
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 64230
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 39119
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 64230
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js-eu1.usemessages.com/conversations-embed.js
200 OK 21 kB URL HTTP/2 js-eu1.usemessages.com/conversations-embed.js
IP
File type C source, ASCII text, with very long lines (65536), with no line terminators
Hash 0e833aa07bfd4c6c7fd79524329d1b63
1417f17f7f13d6525fb521ee57cf3ed1945ec56c
952f28d30fe459fd32d2d40681b0943a1efc33c1796571055068d7f572bc1be6
GET /conversations-embed.js HTTP/1.1
Host: js-eu1.usemessages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:50 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Sep 2022 03:28:22 UTC
etag: W/"8f72896eff8de085fc34d4ab80d97463"
x-amz-server-side-encryption: AES256
x-amz-version-id: y24q1zYP7BjLwmSbcrvN2WI7ANyjR6Yj
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: FVihY9Va90EKpUz6LFofY3BIimOqYtYIhSMQHZw2AOpPq1OJh6l4YA==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10873/bundles/project.js&cfRay=752e0bce3d3410c1-FRA
x-hs-target-asset: conversations-embed/static-1.10873/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 754efbe2b9ceb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=25673195&conversations-embed=static-1.10873&mobile=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&traceId=9ded1fab7869414ca8650179d4c9ff83
200 OK 1.5 kB URL HTTP/2 api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=25673195&conversations-embed=static-1.10873&mobile=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&traceId=9ded1fab7869414ca8650179d4c9ff83
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2976), with no line terminators
Hash addc4f0085667b74db659c759d9e7e0e
88eff7cc9c3147f8c64cb1305e1bf14767234b2e
a0334dbbfbdb89692322c06d5f6aecd5ed0456e6b2b455430adb214f22c5f0ae
GET /livechat-public/v1/message/public?portalId=25673195&conversations-embed=static-1.10873&mobile=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&traceId=9ded1fab7869414ca8650179d4c9ff83 HTTP/1.1
Host: api-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-HubSpot-Messages-Uri: https://www.konnexion.io/home/usps/verification/
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:51 GMT
content-type: application/json;charset=utf-8
content-length: 1482
x-trace: 2B7B8633F766CEF442A88F1D88FC68DFC4393F6FA0000000000000000000
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
vary: origin
x-hubspot-correlation-id: d6f6e76a-1484-4981-87d4-04a9733bac24
content-encoding: gzip
access-control-allow-credentials: false
access-control-allow-origin: https://www.konnexion.io
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=XA.dlPfensNZzyFt_6xCpVUj_IsakCGAh_svgdEayao-1664897691-0-AUFdQ85VEwB+nsdQGfKfkiKaErUcynvSi0DiBE/lwoCNv4RK/qMnZsI+75zYQPutjVuQLkiufn4ukcBhTfMEpr4=; path=/; expires=Tue, 04-Oct-22 16:04:51 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPe8CWuqX4QSkg6652rFhgNHcUyknlgd0Ab52vy9YhN%2BS1pAkhTaQ%2Bmypwcl0GLcJWurSyfNDV9TNYIqSrYcjpR%2BvJwVotarWq0R8lL4P9Jroz63MgmLdBPYMDTMxaK1oTIxlYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754efbea0c079938-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/conversations-visitor-ui/static-1.13325/bundles/visitor.js
200 OK 156 kB URL HTTP/2 static.hsappstatic.net/conversations-visitor-ui/static-1.13325/bundles/visitor.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 156 kB (156050 bytes)
Hash 8ce505db572fc1f71a4f612d9d3cc88f
0b633861105c570b42d887845750cb3d56dd27a4
1c79a3d47371a59f33a22cb281ba606ba0e4f3bef2a9d4750c0142a0cbf4e2b7
GET /conversations-visitor-ui/static-1.13325/bundles/visitor.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-eu1.hubspot.com
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:52 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 30 Sep 2022 15:00:58 GMT
etag: W/"b7314e5c2ccf63c800c5119b6c75b721"
x-amz-server-side-encryption: AES256
x-amz-version-id: alCi0ss_LCvbn4fkk1UpshgP1giGWdic
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 f13ebb34b9ca74b5ffe9e85709c21a7c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: b-jgA6jEGyhGp4ZHgBNw29syAlskLl8YSLDlaFeZSH8Ulo1O7PvSUQ==
cf-cache-status: HIT
age: 345970
expires: Wed, 04 Oct 2023 15:34:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIpHB2t6V3NJ9LqDjtou3koQnCYyhiLGKlajNdzgeXVkRr%2BeqIWsSj2a%2Fx04N140Tci8%2FZJbhQNwXY80dDTNewISqLgr%2FnzBFd7mVd4sybeWJbnWP8LAC2DIpmb1UXu885Yt17LELbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754efbf24af40af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.konnexion.io/wp-content/themes/themify-ultra/themify/js/modules/themify.sidemenu.js?ver=5.6.2
200 OK 1.4 kB URL HTTP/1.1 www.konnexion.io/wp-content/themes/themify-ultra/themify/js/modules/themify.sidemenu.js?ver=5.6.2
IP
Hash 5d06a104ecefd4535850a990d078dd95
a87531cc50628c23c5c782cc7a77d427529b3c56
db182124c577687e32c5896b9adb08d6d9070f7623efc202b66d4de95402d5c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/themify-ultra/themify/js/modules/themify.sidemenu.js?ver=5.6.2 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Cookie: _ga_57RFCLXX7H=GS1.1.1664897688.1.0.1664897688.0.0.0; _ga=GA1.2.590170322.1664897689; _gid=GA1.2.513353934.1664897689; _gat_UA-213008989-1=1; _hjSessionUser_2749364=eyJpZCI6ImJjNDhjNjFlLWI0YzUtNWIyNC1hYzM4LTc5YjlmNzQ3Y2I5ZSIsImNyZWF0ZWQiOjE2NjQ4OTc2ODg3ODEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_2749364=eyJpZCI6IjRiNjYzODAwLWUyMTctNDgyZC1hY2NlLWI0NmNlMWYwYWM0MiIsImNyZWF0ZWQiOjE2NjQ4OTc2ODg4MjMsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; __hstc=231229632.39b482892e45f985e03cc319321541e2.1664897692223.1664897692223.1664897692223.1; hubspotutk=39b482892e45f985e03cc319321541e2; __hssrc=1; __hssc=231229632.1.1664897692223
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:52 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 16 Jun 2022 10:14:38 GMT
ETag: "118f-5e18de7c84b0f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1427
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ws7.hotjar.com/api/v2/sites/2749364/recordings/content
200 OK 26 kB URL HTTP/2 ws7.hotjar.com/api/v2/sites/2749364/recordings/content
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 82c66d7ea18399c9e6af53c6609d569d
5abbc37f13f623ca7d5d21f1fb8484b70751b365
d5c8697d32dfab47174cd043dfd40254e26294ae07ec8b594a2630224aae1ed7
POST /api/v2/sites/2749364/recordings/content HTTP/1.1
Host: ws7.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 74581
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:49 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
f.hubspotusercontent-eu1.net/hub/25673195/hubfs/icone-konnexion.png?width=108&height=108
200 OK 8.1 kB URL HTTP/2 f.hubspotusercontent-eu1.net/hub/25673195/hubfs/icone-konnexion.png?width=108&height=108
IP
Hash f0f11c5fbbfbcfe0a1a911256e476887
1a88329745ef4d91793f52c661d9d64d49af8b17
14930387cd9039eda1d43580ff864cfd1cba491eed47c3ea5ed158c33c253819
GET /hub/25673195/hubfs/icone-konnexion.png?width=108&height=108 HTTP/1.1
Host: f.hubspotusercontent-eu1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:53 GMT
content-type: image/png
content-length: 3526
cf-ray: 754efbf52848b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
etag: "121627d78eae7781969cc3b57e005b0b"
expires: Tue, 18 Oct 2022 15:34:53 GMT
last-modified: Fri, 12 Aug 2022 14:17:59 GMT
vary: Accept-Encoding
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cf-cache-status: MISS
access-control-allow-methods: GET
cache-tag: F-51776204250,P-25673195,FLS-ALL
edge-cache-tag: F-51776204250,P-25673195,FLS-ALL
x-amz-cf-id: icw6a22bzV0WnkyynZ2He43xr_Fe5Z2_e-CleqD6LVllBCK2uW5W8g==
x-amz-cf-pop: FRA53-C1
x-amz-meta-created-unix-time-millis: 1660313878607
x-amz-meta-index-tag: none
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
x-robots-tag: none
server: cloudflare
X-Firefox-Spdy: h2
app-eu1.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325
204 No Content 368 B URL HTTP/2 app-eu1.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325
IP
Hash 454a787d6294b8d3e234e17b269ff7c1
be7721b8e591d4fbf6d92d488d61070677d4c266
e4c8aae0200a42f8bce18e57d6d64af42e5c1e9c8323cc56becf088c60562f28
POST /api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325 HTTP/1.1
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 247
Origin: https://app-eu1.hubspot.com
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/conversations-visitor/25673195/threads/utk/9ded1fab7869414ca8650179d4c9ff83?uuid=cb129a38db7b49c78eac9820b9f9c8fa&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=konnexion.io&inApp53=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&url=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hubspotUtk=39b482892e45f985e03cc319321541e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 04 Oct 2022 15:34:53 GMT
cf-ray: 754efbf8ce7298ee-ARN
access-control-allow-origin: https://app-eu1.hubspot.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-max-age: 604800
timing-allow-origin: *
x-hubspot-correlation-id: 54390a5f-db8b-4ba3-b29f-76e528ca7088
set-cookie: __cf_bm=fdYKYJk4XpFQuES0nWLoa.iCprva8FVqRqdNUn_nUnU-1664897693-0-ASJuaSV0fG7ZifI3umhx+Gz5iHvJZfg4T/N44Y+GpnXsI47OK93e3bqyqH2MfaRcDFq30b7403Az9Kbtr9qRPVc=; path=/; expires=Tue, 04-Oct-22 16:04:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0wiM32vPBLKRgCdM3XfIQWLoDkr%2FlJioVPmvWTbT3iEwyUSlPOSV0Neqzo9QJviL9vXdK6%2FuET%2BONohi8B79b6BLyu9Odlvb9g5%2BC3%2BhdEc9h4Y%2BbSIYk21OithDpW1ef%2Fu2XQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.konnexion.io/wp-content/themes/themify-ultra/styles/modules/filters/none.css?ver=5.6.6
200 OK 182 B URL HTTP/1.1 www.konnexion.io/wp-content/themes/themify-ultra/styles/modules/filters/none.css?ver=5.6.6
IP
Hash 3e010f149a7312f87eac7ea593424991
75e39b3d8fb6185602ed453eff5e926520cd6627
a0c5464237cdcaef41d92e3f030d21c8954eff448ec62416ced3d4826e6ee108
GET /wp-content/themes/themify-ultra/styles/modules/filters/none.css?ver=5.6.6 HTTP/1.1
Host: www.konnexion.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/home/usps/verification/
Cookie: _ga_57RFCLXX7H=GS1.1.1664897688.1.0.1664897688.0.0.0; _ga=GA1.2.590170322.1664897689; _gid=GA1.2.513353934.1664897689; _gat_UA-213008989-1=1; _hjSessionUser_2749364=eyJpZCI6ImJjNDhjNjFlLWI0YzUtNWIyNC1hYzM4LTc5YjlmNzQ3Y2I5ZSIsImNyZWF0ZWQiOjE2NjQ4OTc2ODg3ODEsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_2749364=eyJpZCI6IjRiNjYzODAwLWUyMTctNDgyZC1hY2NlLWI0NmNlMWYwYWM0MiIsImNyZWF0ZWQiOjE2NjQ4OTc2ODg4MjMsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; __hstc=231229632.39b482892e45f985e03cc319321541e2.1664897692223.1664897692223.1664897692223.1; hubspotutk=39b482892e45f985e03cc319321541e2; __hssrc=1; __hssc=231229632.1.1664897692223; messagesUtk=9ded1fab7869414ca8650179d4c9ff83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:34:53 GMT
Server: Apache/2.4.25 (Debian)
Last-Modified: Thu, 16 Jun 2022 10:14:38 GMT
ETag: "26a-5e18de7c5ab30-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 182
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
app-eu1.hubspot.com/conversations-visitor/25673195/threads/utk/9ded1fab7869414ca8650179d4c9ff83?uuid=cb129a38db7b49c78eac9820b9f9c8fa&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=konnexion.io&inApp53=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&url=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
200 OK 16 kB URL HTTP/2 app-eu1.hubspot.com/conversations-visitor/25673195/threads/utk/9ded1fab7869414ca8650179d4c9ff83?uuid=cb129a38db7b49c78eac9820b9f9c8fa&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=konnexion.io&inApp53=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&url=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30721)
Hash 5ba374c196571267787519299682ffcd
9d85aa121beec2e1d540675c1cf4df9627770bb4
48edf0111a5f28c101158580b5911bd8b0e8531b1b9427ba3448ac1521a66d38
GET /conversations-visitor/25673195/threads/utk/9ded1fab7869414ca8650179d4c9ff83?uuid=cb129a38db7b49c78eac9820b9f9c8fa&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=konnexion.io&inApp53=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&url=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false HTTP/1.1
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:52 GMT
content-type: text/html; charset=utf-8
cf-ray: 754efbf17b8998ee-ARN
age: 2970
cache-control: max-age=600
etag: W/"f436886d761cb4742d741787ff9099c7"
last-modified: Fri, 30 Sep 2022 03:28:22 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13325/html/index.html&cfRay=754efbf17b8998ee&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fconversations-visitor%2F25673195%2Fthreads%2Futk%2F9ded1fab7869414ca8650179d4c9ff83%3Fuuid%3Dcb129a38db7b49c78eac9820b9f9c8fa%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dkonnexion.io%26inApp53%3Dfalse%26messagesUtk%3D9ded1fab7869414ca8650179d4c9ff83%26url%3Dhttps%253A%252F%252Fwww.konnexion.io%252Fhome%252Fusps%252Fverification%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.konnexion.io%2F&cfenv=prod&pdt=2022-10-04&csp=ro
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=754efbf17b8998ee&resource=conversations-visitor-ui/static-1.13325/html/index.html"
x-amz-cf-id: rO6WLi6qXUm578VFiKY3NmxtMhRxKYgW1l4599rwiNfYLvs9BS0iyA==
x-amz-cf-pop: FRA6-C1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: S7BtrQzF8liyMMy.DQCNxOKIyEoXr8OF
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13325/html/index.html
x-hs-worker-debug-mode: false
set-cookie: __cf_bm=hd28.vwq5WMCScMnHWLtUd_jvjmEqrBIkeu.cvza6wc-1664897692-0-AWSqUVgNWTbAyzgN7RKTou02z5PHwpEnaYamFgqFHQmb/mQWbmfTLwr3/xVXYH4yBldM497RtR7kTTlHhWRuxWA=; path=/; expires=Tue, 04-Oct-22 16:04:52 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-eu1.hs-scripts.com/25673195.js?integration=WordPress&ver=8.13.58
200 OK 0 B URL HTTP/2 js-eu1.hs-scripts.com/25673195.js?integration=WordPress&ver=8.13.58
IP
GET /25673195.js?integration=WordPress&ver=8.13.58 HTTP/1.1
Host: js-eu1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:49 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2BCFC51F88E62F2B57AE9041290BF04EE1B58839FC000000000000000000
cache-control: public, max-age=30
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 39668105-8517-4b59-94e9-c93e1ba832d0
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.konnexion.io
cf-cache-status: MISS
last-modified: Tue, 04 Oct 2022 15:34:49 GMT
server: cloudflare
cf-ray: 754efbdfafa2993e-ARN
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hs-banner.com/25673195.js
200 OK 0 B URL HTTP/2 js-eu1.hs-banner.com/25673195.js
IP
GET /25673195.js HTTP/1.1
Host: js-eu1.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:51 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: CTfnP6te2LoY9MBKK4v/jLTLhENmIY+GwP4cAObLUIbk8WQFjDZZltjy+WodW90N2sg6vz2CnRk=
x-amz-request-id: GAVJVT1F0RF882Q5
last-modified: Fri, 02 Sep 2022 15:30:57 GMT
etag: W/"7be7988fb60e7ba04b832bd028a384da"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: vUjteyfUXsjd0LGDaNLumBn7GtiNX_lj
access-control-allow-origin: https://www.konnexion.io
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Tue, 04 Oct 2022 15:39:51 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 754efbe9599415e8-ARN
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2749364/visit-data?sv=5
200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2749364/visit-data?sv=5
IP
POST /api/v2/client/sites/2749364/visit-data?sv=5 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.konnexion.io
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:49 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
js-eu1.hs-analytics.net/analytics/1664897400000/25673195.js
200 OK 0 B URL HTTP/2 js-eu1.hs-analytics.net/analytics/1664897400000/25673195.js
IP
GET /analytics/1664897400000/25673195.js HTTP/1.1
Host: js-eu1.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.konnexion.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:51 GMT
content-type: text/javascript
x-amz-id-2: J1ENhFyfORpp/cEquDsK/kl1ydYJOwoGbK2k0MMqr6QwnyetaAifstbc4tsZ3QWxj8gEhZPVZH4=
x-amz-request-id: GAVTP96HPGYEYWD2
last-modified: Fri, 02 Sep 2022 15:31:01 GMT
etag: W/"4d553df8fdfbebca287866794b19d52f"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Tue, 04 Oct 2022 15:39:51 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 754efbeb7ad515e4-ARN
content-encoding: br
X-Firefox-Spdy: h2
static.hsappstatic.net/head-dlb/static-1.234/bundle.production.js
200 OK 0 B URL HTTP/2 static.hsappstatic.net/head-dlb/static-1.234/bundle.production.js
IP
GET /head-dlb/static-1.234/bundle.production.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-eu1.hubspot.com
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:52 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 17:07:56 GMT
etag: W/"af59323cc47b2bf2c3eeb0ed50217041"
x-amz-server-side-encryption: AES256
x-amz-version-id: YWDtvP_ZHgEUkBeD2cA0UllWA7dKrCQJ
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 954566f060b15d780520f7d4a3482500.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 59PxDYEnfSi2n5c-OMcK2OASusbR_Hp2L_KfNfFOY39j3ZTFN5WknA==
cf-cache-status: HIT
age: 510273
expires: Wed, 04 Oct 2023 15:34:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqSWTMVZgLiknmkHGwrz%2F%2Fdjk2gDi24LwsUsTQMFuWGyabPVd%2F53pz08o7moJ0N9FczOVWks%2BgDy0ogtT20Z0slMJKl8AG7TXx4QCr3ZCg7iNsaWIxImd63p2UY17MNerpgTwnE%2Bv5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754efbf24af00af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css
200 OK 0 B URL HTTP/2 static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css
IP
GET /conversations-visitor-ui/static-1.11843/sass/visitor.css HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:52 GMT
content-type: text/css
x-amz-replication-status: PENDING
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
etag: W/"370a89ea102d7b437eb549729472631f"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 ef25da0c32f918931915d02ad16016b9.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: sozNdfbKXPQ27W1Gh5_Ogz2KizWAagYWFHGF-Qbcer07dank0z_klg==
cf-cache-status: HIT
age: 1208080
expires: Wed, 04 Oct 2023 15:34:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRB11LxByKS2EJtOsqEjn8bkKzHNdkzG06YXvNcv30OZUOhaM6H3keBXSl%2BQ4i5FzrDgTmbgnfZP%2BfPyZVxqLK%2BpxSjY2exZeatZFNDPgjyYedJzxCKNAaApECk4Omp6zOmCBR9LQEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754efbf23a11b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hsappstatic.net/hubspot-dlb/static-1.323/bundle.production.js
200 OK 0 B URL HTTP/2 static.hsappstatic.net/hubspot-dlb/static-1.323/bundle.production.js
IP
GET /hubspot-dlb/static-1.323/bundle.production.js HTTP/1.1
Host: static.hsappstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-eu1.hubspot.com
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:52 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 19:48:57 GMT
etag: W/"935799ee774e355e90f1cbb52fd06f07"
x-amz-server-side-encryption: AES256
x-amz-version-id: Ln.tyCbqyOrowcoF3r7BJeIsSNnld2Qd
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a7ccb4d80699d116fa5cf39b77f68f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 18BTpewrmfnOsMeVIdiTFrW7m4t6IgAe1IPbO9VGKe3YEMk9eirV7g==
cf-cache-status: HIT
age: 438104
expires: Wed, 04 Oct 2023 15:34:52 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8btFEZ%2FCOQZyAiaTfICDihI8xA9RnDZ6BSXh34r7WTBBJcYugs3HsnrJOX0Ok4Um7JZtBiE%2BCzq7bMP3F7y0kvj2Wcfs%2FSnCJmF0kdEXsyf8nY0LNXSlPK2ZzTHQ3q9S664CRhRvt%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754efbf24afa0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app-eu1.hubspot.com/api/livechat-public/v1/bots/public/bot/16223801/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325&conversations-visitor-ui=static-1.13325&traceId=9ded1fab7869414ca8650179d4c9ff83&sessionId=AG9vRP659Pv2C7xJFFFDTOzfRXhJLu6AZAN8KpcUfqk7IMxdnAog5x4N0_Jy89AE36yw4BBWM_Zj8n_rT59khVA8rp_I1ZhQvWM-N4qGhLjwZYynSUgBoWJvc1EdEXq1TdULG-W3MBW8FkY5TG3gd3TBmbvxochOGR06RQ8yCvtZeVU0EfgdxWg&hubspotUtk=39b482892e45f985e03cc319321541e2
200 OK 0 B URL HTTP/2 app-eu1.hubspot.com/api/livechat-public/v1/bots/public/bot/16223801/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325&conversations-visitor-ui=static-1.13325&traceId=9ded1fab7869414ca8650179d4c9ff83&sessionId=AG9vRP659Pv2C7xJFFFDTOzfRXhJLu6AZAN8KpcUfqk7IMxdnAog5x4N0_Jy89AE36yw4BBWM_Zj8n_rT59khVA8rp_I1ZhQvWM-N4qGhLjwZYynSUgBoWJvc1EdEXq1TdULG-W3MBW8FkY5TG3gd3TBmbvxochOGR06RQ8yCvtZeVU0EfgdxWg&hubspotUtk=39b482892e45f985e03cc319321541e2
IP
GET /api/livechat-public/v1/bots/public/bot/16223801/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13325&conversations-visitor-ui=static-1.13325&traceId=9ded1fab7869414ca8650179d4c9ff83&sessionId=AG9vRP659Pv2C7xJFFFDTOzfRXhJLu6AZAN8KpcUfqk7IMxdnAog5x4N0_Jy89AE36yw4BBWM_Zj8n_rT59khVA8rp_I1ZhQvWM-N4qGhLjwZYynSUgBoWJvc1EdEXq1TdULG-W3MBW8FkY5TG3gd3TBmbvxochOGR06RQ8yCvtZeVU0EfgdxWg&hubspotUtk=39b482892e45f985e03cc319321541e2 HTTP/1.1
Host: app-eu1.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-eu1.hubspot.com/conversations-visitor/25673195/threads/utk/9ded1fab7869414ca8650179d4c9ff83?uuid=cb129a38db7b49c78eac9820b9f9c8fa&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=konnexion.io&inApp53=false&messagesUtk=9ded1fab7869414ca8650179d4c9ff83&url=https%3A%2F%2Fwww.konnexion.io%2Fhome%2Fusps%2Fverification%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hubspotUtk=39b482892e45f985e03cc319321541e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:34:53 GMT
content-type: application/json;charset=utf-8
cf-ray: 754efbf5294198ee-ARN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-hubspot-correlation-id: 8f732df9-e3af-43a3-bb10-ab891e5c9549
x-trace: 2B596BAD8D3C59353B8BA90E0DF5301E615B19A6E2000000000000000000
set-cookie: __cf_bm=AeFjfRh.0F_VhdpHowaBHtYOgkuqn1dkzP6SaQDrGNg-1664897693-0-ARoDNnZ9SPBB8RHq4tngXS9bYlHN7S4WpRg5ZCtceTFQ6+P6LhycurFtWuG/e3o/R65zkr99XEBVxrcJTSL4gRE=; path=/; expires=Tue, 04-Oct-22 16:04:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzTsJbqR3%2BpeZv5473sLJ7fyy%2BXpdq%2BhCHJcJtMfzC53tKk9Dq8X4p4qiIqRNtw%2Fuy2etdQ6QiBekPz5hnEXOO9ZtCGnnRxgdNppbq588cL%2Fi4uhPApaFllkvNp8w%2F4VXBcHoIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
173.212.211.187
93.184.220.29
104.17.6.210
172.64.155.188
52.211.216.248
23.36.77.32